Prelude
Application Security Management (ASM) has added support for tracing subprocess executions.
Exception Debugging allows capturing debug information from exceptions attached to traces. The information about local variables and function arguments is displayed in the Error Tracking UI and augments the traceback data already collected.
New Features
-
ASM: vulnerabilities related to insecure request cookies will be reported when
DD_APPSEC_ENABLED
is set totrue
. -
ASM: add support for tracing subprocess executions (like os.system, os.spawn, subprocess.Popen and others) and adding
information to a span names command_execution with the new type system. Currently we add the cmd.exec or cmd.shell tags to store the full command line (cmd.shell will be used when the command is run under a shell like with os.system or Popen with shell=True), cmd.exit_code to hold the return code when available, component which will hold the Python module used and the span resource will hold the binary used. This feature requires ASM to be activated using theDD_APPSEC_ENABLED=True
configuration environment variable. -
botocore: Introduces environment variable
DD_BOTOCORE_INSTRUMENT_INTERNALS
that opts into tracing certain internal functionality. -
botocore: Added message attributes to Amazon Simple Queue Service spans to support data streams monitoring.
-
exception debugging: Introduced the Exception Debugging feature that allows capturing debug information from exceptions attached to traces. This new feature can be enabled via the
DD_EXCEPTION_DEBUGGING_ENABLED
environment variable. -
openai: Adds support for metrics, logs, and traces for the models, edits, images, audio, files, fine-tunes, and
moderations endpoints. See the docs for more information. -
CI Visibility: Updates how pytest modules and test suites are reported. Modules names are now set to the fully qualified name, whereas test suites will be set to the file name.
Before this change: {"module": "tests", "suite":"my_module/tests/test_suite.py"}
After this change: {"module": "my_module.tests", "suite": "test_suite.py"} -
core: Apply
DD_TAGS
to runtime metrics. -
kafka: Adds messaging.kafka.bootstrap.servers tag for the confluent-kafka producer configuration value found in metadata.broker.list or bootstrap.servers
-
tracing: This reports the GRPC package name (optional) and service name in a single rpc.service tag
Bug Fixes
-
telemetry: resolves issue with sending unnecessary duplicate logs
-
botocore: This fix resolves an issue where ddtrace attempted to parse as URLs SQS QueueUrl attributes that were not well-formed URLs.
-
psycopg: Resolves
TypeError
raised when an async cursor object is traced. This fix ensuresexc_type
,exc_val
, andexc_tb
are passed down to the wrapped object on__aexit__
. -
Fixed an issue that prevented the library from working as expected when a combination of gevent and asyncio-based frameworks that rely on the functionalities of the ssl module is used.
-
openai: Fixes the issue with
ImportError
ofTypedDict
fromtyping
module in Python 3.7. -
openai: This fix resolves an issue where embeddings inputs were always tagged regardless of the configured prompt-completion sample rate.
-
pytest: This fix resolves an issue where failures and non-skipped tests were not propagated properly when
unittest.TestCase
classes were used. -
Fixes an issue where harvesting runtime metrics on certain managed environments, such as Google Cloud Run, would cause ddtrace to throw an exception.
-
graphql:
graphql.execute
spans are now marked as measured. -
tracing: This fix resolves an issue where negative trace ID values were allowed to propagate via Datadog distributed tracing HTTP headers.
-
openai: Resolves some inconsistencies in logs generated by the image and audio endpoints, including filenames, prompts, and not logging raw binary image data.
-
pymemcache: This fix resolves an issue where overriding span attributes on
HashClient
failed whenuse_pooling
was set. -
This fix resolves an issue causing MyPy linting to fail on files that import ddtrace.
-
The 1.15.0 version has a bug that arises when Remote Config receives both kinds of actions (removing target file configurations and loading new target file configurations) simultaneously, as the load action overrides the remove action. This error occurs if someone creates and removes Dynamic Instrumentation Probes rapidly, within a time interval shorter than the Remote Config interval (5s). To fix this issue, this update appends all new configurations and configurations to remove, and dispatches them at the end of the RC request.