DataDog/dd-trace-py v1.9.0

1.9.0

on GitHub

Prelude

Application Security Management (ASM) has added Django support for blocking malicious IPs using one click within Datadog.

Application Security Management (ASM) has added Flask support for blocking malicious IPs using one click within Datadog.

Deprecation Notes

• grpc: Deprecates ddtrace.contrib.grpc.constants.GRPC_PORT_KEY. Use ddtrace.ext.net.TARGET_PORT instead.
• dbapi: ddtrace.ext.sql.ROWS is deprecated. Use ddtrace.ext.db.ROWCOUNT instead.
• cassandra: ddtrace.ext.cassandra.ROW_COUNT is deprecated. Use ddtrace.ext.db.ROWCOUNT instead.

Known Issues

• remote config: There is a known issue with remote configuration management (RCM) when paired with gevent which can cause child processes to deadlock. If you are experiencing issues, we recommend disabling RCM with DD_REMOTE_CONFIGURATION_ENABLED=fals e. Note, this will disable one click activation for ASM.
• gunicorn: ddtrace-run does not work with gunicorn. To instrument a gunicorn application, follow the instructions here.

New Features

• Enable traces to be sent before an impending timeout for datadog_lambda>=4.66.0. Use DD_APM_FLUSH_DEADLINE to override the default flush deadline. The default is the AWS Lambda function configured timeout limit.

• debugger: Add dynamic log probes to that generate a log message and optionally capture local variables, return value and exceptions

• tracing: Add support for enabling collecting of HTTP request client IP addresses as the http.client_ip span tag. You can set the DD_TRACE_CLIENT_IP_ENABLED environment variable to true to enable. This feature is disabled by default.

• ASM: add support for one click blocking of IPs with the Django framework using Remote Configuration Management.

• • ASM: add support for one click blocking of IPs with the Flask framework using
    Remote Configuration Management.

• ASM: also fetch loopback IPs if client IP fetching is enabled (either via ASM or DD_TRACE_CLIENT_IP_ENABLED).

• ASM: Enable ability to remotely activate and configure ASM features. To enable, check the Python Security page in your account. Note that this is a beta feature.

• profiling: Collects endpoint invocation counts.

• dynamic instrumentation: Python 3.11 is now supported.

• graphene: Adds support for Python 3.11.

  • graphql: Adds support for Python 3.11.

  • httpx: Add support for httpx<0.14.0,>=0.9.0.

  • • tracer/span: Add Span.finish_with_ancestors method to enable the abrupt
      finishing of a trace in cases where the trace or application must be immediately terminated.

Bug Fixes

• dbm: Support sql queries with the type byte.

• fastapi: Previously, custom fastapi middlewares configured after application startup were not traced. This fix ensures that all fastapi middlewares are captured in the fastapi.request span.

• tracing: Pads trace_id and span_ids in b3 headers to have a minimum length of 16.

• Fix full stacktrace being sent to the log on remote config connection errors.

• httpx: Only patch httpx.AsyncClient for httpx>=0.11.0.

• tracing: This fix resolves an issue with the encoding of traces when using the v0.5 API version with the Python optimization option flag -O or the PYTHONOPTIMIZE environment variable.

• pylons: This fix resolves an issue where str.decode could cause critical unicode decode errors when ASM is enabled. ASM is disabled by default.

• gevent: This fix resolves incompatibility under 3.8>=Python<=3.10 between ddtrace-run and applications that depend on gevent, for example gunicorn servers. It accomplishes this by keeping copies that have not been monkey patched by gevent of
  most modules used by ddtrace. This "module cloning" logic can be controlled by the environment variable DD_UNLOAD_MODULES_FROM_SITECUSTOMIZE. Valid values for this variable are "1", "0", and "auto". "1" tells ddtrace to run its module cloning logic
  unconditionally, "0" tells it never to run that logic, and "auto" tells it to run module cloning logic only if gevent is accessible from the application's runtime. The default value is "0".

• lib-injection: Use package versions published to PyPI to install the
  library. Formerly the published image was installing the package from source using the tagged commit SHA which resulted in slow and potentially failing installs.

• profiler: Handles potential AttributeErrors which would arise while collecting frames during stack unwinding in Python 3.11.

• remote config: ensure proper validation of responses from the agent.