Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump ddtrace from 1.9.3 to 2.1.5 #205

Closed
wants to merge 1 commit into from
Closed

build(deps): bump ddtrace from 1.9.3 to 2.1.5 #205

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 6, 2023

Bumps ddtrace from 1.9.3 to 2.1.5.

Release notes

Sourced from ddtrace's releases.

2.1.5

Upgrade Notes

  • The wrapt and psutil packages are vendored to help users avoid building these packages if wheels were not available for a given platform. This reverses a change released in v2.0.0.

Bug Fixes

  • CI: fixes an issue which prevented the library from filtering user credentials for SSH Git repository URLs
  • Use a unique default service name across all the products provided by the library when one is not given via the configuration interface.
  • CI Visibility: fixes unittest data not being initialized properly
  • Vulnerability Management for Code-level (IAST): This fix resolves an issue where SimpleJSON encoder would throw an exception while encoding a tainted dict or list.

2.1.4

Bug Fixes

  • Application Security Management (ASM): fix a body read error when Transfer-Encoding: chunked header is sent

2.1.3

Bug Fixes

  • IAST: This fix resolves an issue where JSON encoder would throw an exception while encoding a tainted dict or list.

2.1.2

Bug Fixes

  • ASM: fix a body read problem on some corner case where passing empty content length makes wsgi.input.read() blocks.
  • CI Visibility: fixes an issue where class-based test methods with the same name across classes would be considered duplicates, and cause one (or more) tests to be dropped from results, by adding --ddtrace-include-class-name as an optional flag (defaulting to false) to prepend the class name to the test name.
  • dynamic instrumentation: fix an issue that caused the probe instrumentation error details from being reported for visualization in the UI.
  • dynamic instrumentation: fix an issue that caused function probes on the same module to fail to instrument and be reported in the ERROR status in the UI if the module was not yet imported.
  • sampling: This fix reverts a refactor which affected how the tracer handled the trace-agent's recommended trace sampling rates, leading to an unintended increase in traces sampled.
  • remote config: Add git metadata to configuration requests to ensure Source Code Integration (SCI) works as expected with services that require it.
  • CI Visibility: fixes an issue where just importing unittest enabled CIVisibility and potentially caused unexpected logs and API requests
  • Vulnerability Management for Code-level (IAST): Fix potential string id collisions that could cause false positives with non tainted objects being marked as tainted.

2.1.1

Bug Fixes

  • CI Visibility: fixes distributed tracing when using the CI Visibility integration
  • ASM: This fix resolves an issue where an f-string expression would not be formatted properly causing a segfault if IAST is enabled.
  • langchain: This fix resolves an import error with patching langchain versions newer than 0.0.300 due to langchain dropping support for wrapping or importing directly from root.
  • lib-injection: Update package files to not be world-writable.
  • data_streams: This fix resolves an issue where including exit signal handling for message queues caused imports of ddtrace in a thread to fail.

... (truncated)

Commits
  • 9469acb fix(iast): patch simplejson.encoder to handle LazyTaintDict properly (#7428) ...
  • 7e88daf chore: re-vendor psutil and wrapt (backport #7332 to 2.1) (#7437)
  • db1fe31 fix: use unique unnamed service name value [backport 2.1] (#7442)
  • c0cf6c2 test(profiling): collector log tests [backport 2.1] (#7447)
  • 3ccfcb0 fix(ci): filter user credentials from SSH git repo URLs [backport 2.1] (#7407)
  • 0d80f3a fix(ci_visibility): add safety checks and exception handling around _fetch_te...
  • 30372f3 fix(unittest): fix unittest data not initialized [backport 2.1] (#7412)
  • f0bf758 fix(ci_visibility): use custom configurations when querying ITR skippable tes...
  • 3a6edf7 ci: run framework tests if frameworks.yml modified [backport #7379 to 1.20] [...
  • 4b92fa3 fix(appsec): transfer-encoding chunked requests are dropped [backport 2.1] (#...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump ddtrace from 1.9.3 to 2.1.5
ae877a5 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-py) from 1.9.3 to 2.1.5.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/2.x/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v1.9.3...v2.1.5)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 6, 2023
@dependabot dependabot bot mentioned this pull request Nov 6, 2023
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 14, 2023

Superseded by #206.

@dependabot dependabot bot closed this Nov 14, 2023
@dependabot dependabot bot deleted the dependabot/pip/ddtrace-2.1.5 branch November 14, 2023 02:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants