Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump ddtrace from 1.9.3 to 2.1.3 #203

Closed
wants to merge 1 commit into from
Closed

build(deps): bump ddtrace from 1.9.3 to 2.1.3 #203

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 27, 2023

Bumps ddtrace from 1.9.3 to 2.1.3.

Release notes

Sourced from ddtrace's releases.

2.1.3

Bug Fixes

  • IAST: This fix resolves an issue where JSON encoder would throw an exception while encoding a tainted dict or list.

2.1.2

Bug Fixes

  • ASM: fix a body read problem on some corner case where passing empty content length makes wsgi.input.read() blocks.
  • CI Visibility: fixes an issue where class-based test methods with the same name across classes would be considered duplicates, and cause one (or more) tests to be dropped from results, by adding --ddtrace-include-class-name as an optional flag (defaulting to false) to prepend the class name to the test name.
  • dynamic instrumentation: fix an issue that caused the probe instrumentation error details from being reported for visualization in the UI.
  • dynamic instrumentation: fix an issue that caused function probes on the same module to fail to instrument and be reported in the ERROR status in the UI if the module was not yet imported.
  • sampling: This fix reverts a refactor which affected how the tracer handled the trace-agent's recommended trace sampling rates, leading to an unintended increase in traces sampled.
  • remote config: Add git metadata to configuration requests to ensure Source Code Integration (SCI) works as expected with services that require it.
  • CI Visibility: fixes an issue where just importing unittest enabled CIVisibility and potentially caused unexpected logs and API requests
  • Vulnerability Management for Code-level (IAST): Fix potential string id collisions that could cause false positives with non tainted objects being marked as tainted.

2.1.1

Bug Fixes

  • CI Visibility: fixes distributed tracing when using the CI Visibility integration
  • ASM: This fix resolves an issue where an f-string expression would not be formatted properly causing a segfault if IAST is enabled.
  • langchain: This fix resolves an import error with patching langchain versions newer than 0.0.300 due to langchain dropping support for wrapping or importing directly from root.
  • lib-injection: Update package files to not be world-writable.
  • data_streams: This fix resolves an issue where including exit signal handling for message queues caused imports of ddtrace in a thread to fail.

2.1.0

Upgrade Notes

  • pymemcache: The memcached.query span tag will no longer be set by the integration. This command includes keys that can potentially contain sensitive information. If you require this span tag, you can retain the existing functionality by setting DD_TRACE_MEMCACHED_COMMAND_ENABLED=true. This span tag can be redacted using DD_APM_REPLACE_TAGS in your Agent configuration.

New Features

  • CI Visibility: adds full test suite level visibility for unittest
  • ASM: Add support for automatic user login events in Flask when using flask_login.
  • tracer: This introduces collection of inferred service names. The agent version v7.46.0 contains a new field "extra_services" in the remote config client, that allows clients to list any additional services that are used within tracer spans. Knowing all service names used by a tracer instance help the UI give better feedback to the user.
  • tracer: Adds support for DD_TRACE_METHODS. This feature enables the
    specification of custom methods to be instrumented by the tracer when using ddtrace-run. See the configuration documentation for more information: https://ddtrace.readthedocs.io/en/v2.1.0/configuration.html.
  • openai: This introduces official tracing support for Azure OpenAI services, specifically for completions, chat completions, and embeddings using models deployed on Azure OpenAI endpoints.
  • Vulnerability Management for Code-level (IAST): Weak randomness vulnerability detection.
  • pymemcache: add DD_TRACE_MEMCACHED_COMMAND_ENABLED environment variable for configuring the collection of memcached commands. This feature is disabled by default.
  • wsgi: This change introduces the keyword argument app_is_iterator to the DDWSGIMiddleware constructor. It's provided as a workaround for an issue where the Datadog WSGI middleware would fail to handle WSGI apps that are not their own iterators. This condition can arise when a Django app attempts to send its "request finished" signal, in which case it may cause connection leaks. Standard methods of distinguishing an iterable from its iterator, such as checking for the presence of iter and next dunder methods, don't work in this case for unknown reasons. Instead of adding brittle special-case detection logic to the middleware, this new argument allows users to indicate when this is the case.

Bug Fixes

... (truncated)

Commits
  • 2aa0c06 ci: run build job on more paths [backport 2.1] (#7352)
  • 579fcdc fix(iast): patch json.encoder to encode LazyTaintDict as dict [backport 2.1] ...
  • 2508d28 fix(sampling): revert "refactor(writer): handle agent responses in the tracer...
  • 4d53299 fix(iast): potential string id collisions [backport 2.1] (#7324)
  • 70cfbf2 fix(debugging): function probes on same lazy module [backport 2.1] (#7312)
  • 88a3562 fix(ci_visibility): fix adding test.skipped_by_itr tag [backport 2.1] (#7305)
  • 8ba4ac5 fix(ci_visibility): fixes unittest enabling the CI VIsibility plugin [backpor...
  • fddae71 fix(appsec): flask hangs on empty body requests [backport 2.1] (#7288)
  • 5d18ad5 fix(ci_visibility): add flag to show class in test name [backport 2.1] (#7280)
  • 00bcaeb fix(rcm): add git metadata to requests [backport 2.1] (#7261)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump ddtrace from 1.9.3 to 2.1.3
13f686d 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-py) from 1.9.3 to 2.1.3.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/2.x/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v1.9.3...v2.1.3)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Oct 27, 2023
@dependabot dependabot bot mentioned this pull request Oct 27, 2023
Closed
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Oct 31, 2023

Superseded by #204.

@dependabot dependabot bot closed this Oct 31, 2023
@dependabot dependabot bot deleted the dependabot/pip/ddtrace-2.1.3 branch October 31, 2023 02:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants