Changes
Core
- Avoid calling ClassLoader.getParent() once we've found a class resource #5414
- Add dynamic config smoke test #5360
- Wait for traces to be published before exiting if CI Visibility is enabled #5377
- [Telemetry] Support app_client_configuration_change telemetry event #5335
- Apply any dynamically overridden header-tags to response headers as well #5349
- [Remote-config] Apply APM tracing overrides from remote-config #5327
Integrations
- [Elasticsearch/Opensearch] Add feature-flag to control tagging of search request body/parameters #5423
- [Elasticsearch/Opensearch] Include search body in spans #5273
- Couchbase 3.x: extract seed nodes info #5104
- [Apache-spark] [Spark] Separate the error stack trace from the error message #5256
- Handle when Servlet3 AsyncEvent was initialized without any ServletRequest #5373
- [Jms] Reset oldest capture time on JMS message-ack #5319
- [Apache-spark] [Spark] Compute available executor time per stage #5310
Profiling
- Add tag to local root span to indicate whether profiling is enabled #5395
- Update the live heap profiling config keys #5380
- Enable contextual allocation profiler by default #5378
- Get stack depth from Throwable stackTrace to avoid copy #5362
- Use Datadog profiler on Oracle JDK8u361+ #5351
- Change JFR event config defaults #5331
- Upgrade ddprof 0.49.0, disable on OpenJDK8/aarch64 #5374
Debugger
- Fix null values for lists or maps #5389
- Fix
this
duplicate serialization in snapshot #5379 - Introduced separate global rate limiter for logs #5348
- Fix mixing global and per probe rate limiting #5332
- Avoid having infinite recursive loop serialization #5321
- Fix handling of local variable table #5306
- Fix NullPointerException in map/list serialization #5309
- Fix Collection/Map serialization #5318
Native Image
Application Security Management (ASM)
- [IAST] Unvalidated redirect vertx-3.4 #5352
- [IAST] Fix request tainted metric and simplify code #5347
- [IAST] IAST no HttpOnly cookie vulnerability detection #5345
- [IAST] Improve insecure cookie detection in Vert.x 3.9 #5329
- [IAST] Spring MVC unvalidated redirect instrumentation #5308
- [IAST] IAST insecure cookie - vertx instrumentation #5209
- [IAST] IAST Insecure cookie detection for JAX-RS frameworks #5163
- [WAF] Upgrade to libddwaf 1.11.0 #5300
- [WAF] Less verbose AppSec start log #5355
- [WAF] Grizzly: fix req blocking not skipping handler #5353
- [WAF] Multipart form parameters supported on more servers for AppSec #5275
AWS
- [SDK] Consistent APM span tags for AWS requests to aws-java-sdk-1.11.0 #5192
Diagnostics
- Generate useful error that includes the bad agent URL instead of unhelpful NullPointerExceptions #5372
Dependencies
- Byte-buddy 1.14.5 #5356
Build
- integrate APM Test Agent within CircleCI instrumentation tests #5149