github DataDog/dd-trace-py v1.10.0
1.10.0
on GitHub

latest releases: v2.12.3, v2.13.1, v2.14.2...
18 months ago

Prelude

Application Security Management (ASM) has added Django support for blocking malicious users using one click within Datadog.

Note

One click blocking for ASM is currently in beta.

Deprecation Notes

  • dbapi: ddtrace.ext.mongo.ROWS is deprecated. Use ddtrace.ext.db.ROWCOUNT instead.

New Features

  • starlette: Add http.route tag to starlette.request spans.
  • fastapi: Add http.route tag to fastapi.request spans.
  • ASM: Add support for one click blocking of user ids with the Django framework using Remote Configuration Management.
  • ASM: This introduces the "suspicious request blocking" feature for Django and Flask.

Known Issues

  • ASM: There is a known issue with the flask support for any rule blocking on server.request.path_params. The request will be correctly blocked but the client application will be receiving and processing the suspicious request. Possible workaround: use server.request.uri.raw instead, if you want the request to be blocked before entering the flask application.

Bug Fixes

  • dbapi: The dbapi integration no longer assumes that a cursor object will have a rowcount as not all database drivers implement rowcount.
  • dbm: Support sql queries with the type byte.
  • elasticsearch: Omit large elasticsearch.body tag values that are
    greater than 25000 characters to prevent traces from being too large to send.
  • aws_lambda: This fix resolves an issue where existing signals were wrapped multiple times.
  • profiling: Handles a race condition on process shutdown that would cause an error about a module not being started to occasionally appear in the logs.
  • Fix for KeyError exceptions when when ASM_FEATURES (1-click activation) disabled all ASM products. This could cause 1-click activation to work incorrectly in some cases.
  • django: Fixes an issue where http.route was only set if use_handler_resource_format and use_legacy_resource_format were set to False.
  • ASM: Resolves installation issues with compiling native code on Windows and unknown platforms.
  • dynamic_instrumentation: This change fixes a bug whereby probes that have been disabled/removed from the front-end would not be removed by the client library.
  • httplib: Fixes an issue with patching of http client upon import
  • Ensure DD_REMOTE_CONFIGURATION_ENABLED environment variable disables remote config if set to False.
  • ASM: Solve some corner cases where a Flask blocking request would fail because headers would be already sent.
  • ASM: Solve the content-type not always being correct in blocking responses.
  • ASM: Ensure the blocking responses have the following tags: http.url, http.query_string, http.useragent, http.method, http.response.headers.content-type and http.response.headers.content-length.
  • ASM: fix memory leaks and memory corruption in the interface between ASM and the WAF library
  • psycopg2: Fixes a bug with DSN parsing integration.

Other Changes

  • remote_config: Change the level of remote config startup logs to debug.
Check out latest releases or
releases around DataDog/dd-trace-py v1.10.0

Don't miss a new dd-trace-py release

NewReleases is sending notifications on new releases.

Get notifications