Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump ddtrace from 1.9.3 to 2.1.6 #206

Closed
wants to merge 1 commit into from
Closed

build(deps): bump ddtrace from 1.9.3 to 2.1.6 #206

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 14, 2023

Bumps ddtrace from 1.9.3 to 2.1.6.

Release notes

Sourced from ddtrace's releases.

2.1.6

Bug Fixes

  • ASM: add support for psycopg2 adapt mechanism to LazyTaintList, preventing a ProgrammingError when using psycopg2 with IAST.
  • langchain: This fix resolves an issue with tagging pydantic SecretStr type api keys.
  • lib injection: Fix permissions error raised when non-root users copy single step instrumentation files.
  • This fix resolves an issue where type-checking would fail on valid application code due to a type hint on Span.set_tags that was too restrictive.

2.1.5

Upgrade Notes

  • The wrapt and psutil packages are vendored to help users avoid building these packages if wheels were not available for a given platform. This reverses a change released in v2.0.0.

Bug Fixes

  • CI: fixes an issue which prevented the library from filtering user credentials for SSH Git repository URLs
  • Use a unique default service name across all the products provided by the library when one is not given via the configuration interface.
  • CI Visibility: fixes unittest data not being initialized properly
  • Vulnerability Management for Code-level (IAST): This fix resolves an issue where SimpleJSON encoder would throw an exception while encoding a tainted dict or list.

2.1.4

Bug Fixes

  • Application Security Management (ASM): fix a body read error when Transfer-Encoding: chunked header is sent

2.1.3

Bug Fixes

  • IAST: This fix resolves an issue where JSON encoder would throw an exception while encoding a tainted dict or list.

2.1.2

Bug Fixes

  • ASM: fix a body read problem on some corner case where passing empty content length makes wsgi.input.read() blocks.
  • CI Visibility: fixes an issue where class-based test methods with the same name across classes would be considered duplicates, and cause one (or more) tests to be dropped from results, by adding --ddtrace-include-class-name as an optional flag (defaulting to false) to prepend the class name to the test name.
  • dynamic instrumentation: fix an issue that caused the probe instrumentation error details from being reported for visualization in the UI.
  • dynamic instrumentation: fix an issue that caused function probes on the same module to fail to instrument and be reported in the ERROR status in the UI if the module was not yet imported.
  • sampling: This fix reverts a refactor which affected how the tracer handled the trace-agent's recommended trace sampling rates, leading to an unintended increase in traces sampled.
  • remote config: Add git metadata to configuration requests to ensure Source Code Integration (SCI) works as expected with services that require it.
  • CI Visibility: fixes an issue where just importing unittest enabled CIVisibility and potentially caused unexpected logs and API requests
  • Vulnerability Management for Code-level (IAST): Fix potential string id collisions that could cause false positives with non tainted objects being marked as tainted.

... (truncated)

Commits
  • b3a97bf chore(iast): slice propagation ranges error and store hash and id separately ...
  • 4b064bc fix(iast): remove logs metrics noise [backport 2.1] (#7549)
  • 348e20b fix(lib-inject): set execute permissions on package files [backport 2.1] (#7...
  • 2e7691c fix(asm): add support for pyscopg2 adapt to lazytaintlist for iast. backport-...
  • 2407a3e fix(various): strip debuginfo on release [backport 2.1] (#7322)
  • 56019da fix(tracing): fix type signature on span.set_tags to allow non-text values [b...
  • a9162a9 fix(iast): improve traceback message from telemetry logs [Backport 2.1] (#7523)
  • 37b3e55 fix(iast): report cookies vuln [backport 2.1] (#7500)
  • b0c2048 fix(langchain): handle secret str api keys [backport 2.1] (#7480)
  • 4e7c00a ci: pin flake8 builtins to avoid failing on 2.2.0 (#7466)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump ddtrace from 1.9.3 to 2.1.6
86fa084 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-py) from 1.9.3 to 2.1.6.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/2.x/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v1.9.3...v2.1.6)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Nov 14, 2023
@dependabot dependabot bot mentioned this pull request Nov 14, 2023
Closed
@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 16, 2023

Superseded by #208.

@dependabot dependabot bot closed this Nov 16, 2023
@dependabot dependabot bot deleted the dependabot/pip/ddtrace-2.1.6 branch November 16, 2023 02:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants