Bug Fixes
- profiling: add source code integration tags to profiles (#3821)
- core: do not report HTTP requests over 5 seconds as errors on Node 20 (#3853)
- core: update protobuf for security reasons (#3851)
- core: resolve the 0th argument of the restify controller promise (#3818)
Improvements
- core: collapse Next.js static resources to reduce cardinality (#3809)
- civisibility: waits for git to upload and re-request settings when
require_gitfield istrue(#3790) - civisibiity: do not report total code. coverage if itr is enabled (#3828)
- profiling: Add DNS events to timeline (#3822)
- core: add a new
httpservice configuration optionenablePropagationWithAmazonHeaders(#3836) - appsec: use existing response header instrumentation to detect Header Injection vulnerability when a unsafe string is written in a header (#3813)
- profiling: Add Net events to timeline (#3832)
- core: Partially upgrade instrumentation telemetry from v1 to v2 (#3827)
- civisibility: Speed up git unshallow (#3839)
- core: add a new environment variable to enable span leak detection at either logging or logging + manual gc modes (#3849)
- core: add a GitHub security policy via SECURITY.md (#3863)
- appsec: Apply new rules for header injection detection to prevent false positives (#3867)
- dsm: Add Kafka offset lag to metrics sent by datastreams monitoring (#3761)
- profiling: reduce overhead by removing lane logic from profiler library (#3880)