This release comes with new Application Security Monitoring capabilities including sensitive data obfuscation for security events, a new set of metrics to monitor the WAF execution and security rules processing, as well as the latest version of the security rules which includes NoSQL-injection monitoring.
On a side note, AppSec has been renamed to ASM (Application Security Monitoring) and will be referred to as such in the future.
On the Tracer side, the service.name tag was removed from the spans for kubernetes and the resource.name tag is now set using the context's route for gofiber/fiber.
The Profiler introduces a new CPUProfileRate option to allow users to use a specific CPU profiling rate.
Features
Tracer
- contrib/k8s.io/client-go/kubernetes: remove the tracer service tag (#1211) (thanks @meowfaceman)
- contrib/gofiber/fiber.v2: resource name should use route instead of path (#1215) (thanks @AsgerNoer)
Application Security Monitoring
- internal/appsec: security events obfuscation (#1237)
- internal/appsec/waf: add WAF and security rules monitoring metrics (#1225)
- internal/appsec: update security rules to v1.3.1 including NoSQL-injection monitoring (#1244)
Profiler
- profiler: add CPUProfileRate option (#1243)
Fixes
Tracer
- contrib/go-chi: remove the chi.v4 package in favor of chi.v5 (#1233)
- contrib/net/http: fix status reporting for empty replies (#1140)
- contrib/gin-gonic/gin: fix incomplete examples (#1212) (thanks @ajones)
Profiler
- ddtrace/tracer: update profile endpoint label when SetTag updates resource name for a span (#1203)
Full Changelog: v1.37.1...v1.38.0