github DataDog/dd-trace-go v1.37.0
1.37.0

latest releases: v1.70.0-rc.2, v1.999.0-beta.10, instrumentation/testutils/grpc/v2.0.0-beta.10...
2 years ago

This release comes with the new AppSec capability to monitor the parsed HTTP body thanks to a new public appsec package. This package provides a function - appsec.MonitorParsedHTTPBody() - that should be called from within your http request handlers with the parsed http body payload, such as returned by json.Unmarshal(), proto.Unmarshal() or any other parser.
It also introduces support for the web framework gin, as well as the latest AppSec security rules which include the new OGNL & Cassandra injection detections.

Additionally, this update provides a new user monitoring tracing function - tracer.SetUser() - allowing to associate user attributes to a trace. This allows to add user context to traces which can then be leveraged by Datadog's monitoring, for example by identifying the user of an AppSec attack.

The profiler's code hotspots and endpoints is now enabled by default in order to connect APM traces and profiles.

Note that dd-trace-go's go.mod file has been updated to now include every dependency required by dd-trace-go and its integrations. It now lists the minimum secure versions required, according to the Go module registry of vulnerabilities.

Features

  • all: commit full go.mod and go.sum files (#1188)

APM

  • contrib/database/sql: fix support for drivers using deprecated interfaces (#1167)
  • contrib/database/sql: trace connection time (#1154)
  • contrib/gorilla/mux: provide a new function wrapper for gorilla router (#1175)
  • contrib/segmentio/kafka-go: add tracing for kafka writer and reader (#1152)
  • ddtrace/tracer: overall CPU & memory performance improvements (#1184, #1160, #1186, #1134, #1183)
  • ddtrace/tracer: Add B3 flag to PropagatorConfig (#1148)
  • ddtrace/tracer: provide a new user monitoring tracing function to associate a user to a trace (#1196)
  • ddtrace/tracer: disable Datadog internal tag propagation (#1182)
  • ddtrace/tracer: fix a bug with the x-datadog-tags header parser (#1155)
  • ddtrace/tracer: fix top_level computation with DD_SERVICE_MAPPING (#1150)

AppSec

  • contrib/gin-gonic: add AppSec monitoring of http requests and responses (#1165)
  • contrib/google.golang.org/grpc: monitor grpc metadata headers (#1190)
  • contrib/labstack/echo.v4: fix http response monitoring (#1177)
  • appsec: provide a new function to monitor the parsed http body (#1178)
  • internal/appsec/waf: fix the parsing of AppSec security rules (#1189)
  • internal/appsec: update the security rules to v1.2.6, including new OGNL & Cassandra injections and various improvements (#1191)

Profiler

  • profiler, ddtrace/tracer: enable code hotspots & endpoints by default with 100% CPU profiling (#1169)
  • profiler: don't upload full profiles if delta profiling is enabled (#1187)
  • profiler: Inc DefaultBlockRate from 10µs to 100ms (#1192)

Don't miss a new dd-trace-go release

NewReleases is sending notifications on new releases.