Releases: DataDog/dd-trace-py
2.8.5
Known Issues
- Code Security: Security tracing for the
builtins.open
function is experimental and may not be stable. This aspect is not replaced by default. - grpc: Tracing for the
grpc.aio
clients and servers is experimental and may not be stable. This integration is now disabled by default.
Bug Fixes
- fix(grpc): This fix a bug in the grpc.aio support specific to streaming responses.
- RemoteConfig: This fix resolves an issue where remote config did not work for the tracer when using an agent that would add a flare item to the remote config payload. With this fix, the tracer will now correctly pull out the lib_config we need from the payload in order to implement remote config changes properly.
1.20.19
Bug Fixes
- Fix a regression with the support for gevent that could have occurred if some products, like ASM, telemetry, were enabled.
- fix(grpc): This change fixes a bug in the grpc.aio support specific to streaming responses.
- ASM: This fix resolves an issue with Flask instrumentation causing CPU leak with ASM, API Security and Telemetry enabled.
2.9.0rc7
2.9.0rc6
2.9.0rc5
Bug Fixes
- Code Security: Avoid an
ImportError
at patching stage ifgoogle._upb
module is not available.
2.9.0rc4
Known Issues
- grpc: Tracing for the
grpc.aio
clients and servers is experimental and may not be stable. This integration is now disabled by default.
Bug Fixes
- telemetry: This fix resolves an issue when using
pytest
+gevent
where the telemetry writer was eager initialized bypytest
entrypoints loading of our plugin, causing a potential dead lock. - Code Security: This fixes a bug in the AST patching process where
ImportError
exceptions were being caught, interfering with the proper application cycle if anImportError
was expected. - RemoteConfig: This fix resolves an issue where remote config did not work for the tracer when using an agent that would add a flare item to the remote config payload. With this fix, the tracer will now correctly pull out the
lib_config
we need from the payload in order to implement remote config changes properly.
2.8.4
Bug Fixes
- telemetry: This fix resolves an issue when using
pytest
+gevent
where the telemetry writer was eagerly initialized bypytest
entrypoints loading of our plugin causing a potential dead lock.
2.9.0rc3
Upgrade Notes
- aiopg: Upgrades supported versions to >=1.2. Drops support for 0.x versions.
- redis: deprecation of
ddtrace.contrib.tracer_utils_redis
module in favor ofddtrace.contrib.redis_utils
module
New Features
- aiomysql, asyncpg, mysql, mysqldb, pymysql: Add Database Monitoring (DBM) for remaining mysql and postgres integrations lacking support.
- aiomysql, aiopg: Implement span service naming determination to be consistent with other database integrations.
- ASM: This introduces the capability to enable or disable SCA using the environment variable
DD_APPSEC_SCA_ENABLED
. By default this env var is unset and in that case it doesn't affect the product. - Code Security: taint strings from gRPC messages.
- ASM: This introduces Exploit Prevention for Application Security Management for LFI (using file opening with standard CPython API) and SSRF (using either standard CPython API urllib or the requests package available on pypi). By default, the feature is disabled, but it can be enabled with
DD_APPSEC_RASP_ENABLED=true
in the environment. - botocore: This introduces tracing support for bedrock-runtime embedding operations.
- Code Security: to enable IAST in the application, you had to start it with the command
ddtrace-run [your-application-run-command]
so far. Now, you can also activate IAST with thepatch_all
function. - langchain: This adds tracing support for LCEL (LangChain Expression Language) chaining syntax. This change specifically adds synchronous and asynchronous tracing support for the
invoke
andbatch
methods.
Bug Fixes
-
Code Security: fix setting the wrong source on map elements tainted from
taint_structure
. -
Code Security: Fixes an issue where the AST patching process fails when the origin of a module is reported as None, raising a
FileNotFoundError
. -
CI Visibility: fixes an issue where tests were less likely to be skipped due to ITR skippable tests requests timing out earlier than they should
-
Code Security: This fix solves an issue with fstrings where formatting was not applied to int parameters
-
tracing: This fix resolves an issue where sampling rules were not matching correctly on float values that had a 0 decimal value. Sampling rules now evaluate such values as integers.
-
langchain: This fix resolves an issue where the LangChain integration always attempted to patch LangChain partner
libraries, even if they were not available. -
langchain: This fix resolves an issue where tracing
Chain.invoke()
instead ofChain.__call__()
resulted in the anArgumentError
due to an argument name change for inputs between the two methods. -
langchain: This fix adds error handling for checking if a traced LLM or chat model is an OpenAI instance, as the langchain_community package does not allow automatic submodule importing.
-
internal: This fix resolves an error regarding the remote config module with payloads missing a
lib_config
entry -
Profiling: fix a bug that caused the HTTP exporter to crash when attempting to serialize tags.
-
grpc: Resolves segfaults raised when grpc.aio interceptors are registered
-
Code Security: Fixed an issue with AES functions from the pycryptodome package that caused the application to crash and stop.
-
Code Security: Ensure that when tainting the headers of a Flask application, iterating over the headers (i.e., with
headers.items()
) does not duplicate them. -
Code Security: Some native exceptions were not being caught correctly by the python tracer. This fix remove those exceptions to avoid fatal error executions.
-
kafka: This fix resolves an issue where an empty message list returned from consume calls could cause crashes in the Kafka integration. Empty lists from consume can occur when the call times out.
-
logging: This fix resolves an issue where
tracer.get_log_correlation_context()
incorrectly returned a 128-bit trace_id even withDD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED
set toFalse
(the default), breaking log correlation. It now returns a 64-bit trace_id. -
Profiling: Fixes a defect where the deprecated path to the Datadog span type was used by the profiler.
-
Profiling: This fix resolves an issue where the profiler was forcing protobuf to load in injected environments,
causing crashes in configurations which relied on older protobuf versions. The profiler will now detect when injection is used and try loading with the native exporter. If that fails, it will self-disable rather than loading protobuf. -
pymongo: this resolves an issue where the library raised an error in
pymongo.pool.validate_session
-
ASM: This fix resolves an issue where an LFI attack on request path was not always detected with flask and uwsgi.
-
ASM: This fix removes non-required API security metrics.
-
Instrumentation: fixes crashes that could occur in certain integrations with packages that use non-integer components in their version specifiers
2.9.0rc2
Upgrade Notes
- aiopg: Upgrades supported versions to >=1.2. Drops support for 0.x versions.
- redis: deprecation of
ddtrace.contrib.tracer_utils_redis
module in favor ofddtrace.contrib.redis_utils
module
New Features
- aiomysql, asyncpg, mysql, mysqldb, pymysql: Add Database Monitoring (DBM) for remaining mysql and postgres integrations lacking support.
- aiomysql, aiopg: Implement span service naming determination to be consistent with other database integrations.
- ASM: This introduces the capability to enable or disable SCA using the environment variable
DD_APPSEC_SCA_ENABLED
. By default this env var is unset and in that case it doesn't affect the product. - Code Security: taint strings from gRPC messages.
- ASM: This introduces Exploit Prevention for Application Security Management for LFI (using file opening with standard CPython API) and SSRF (using either standard CPython API urllib or the requests package available on pypi). By default, the feature is disabled, but it can be enabled with
DD_APPSEC_RASP_ENABLED=true
in the environment. - botocore: This introduces tracing support for bedrock-runtime embedding operations.
- Vulnerability Management for Code-level (IAST): to enable IAST in the application, you had to start it with the command
ddtrace-run [your-application-run-command]
so far. Now, you can also activate IAST with thepatch_all
function. - langchain: This adds tracing support for LCEL (LangChain Expression Language) chaining syntax. This change specifically adds synchronous and asynchronous tracing support for the
invoke
andbatch
methods.
Bug Fixes
-
Code Security: fix setting the wrong source on map elements tainted from
taint_structure
. -
Code Security: Fixes an issue where the AST patching process fails when the origin of a module is reported as None, raising a
FileNotFoundError
. -
CI Visibility: fixes an issue where tests were less likely to be skipped due to ITR skippable tests requests timing out earlier than they should
-
Code Security: This fix solves an issue with fstrings where formatting was not applied to int parameters
-
tracing: This fix resolves an issue where sampling rules were not matching correctly on float values that had a 0 decimal value. Sampling rules now evaluate such values as integers.
-
langchain: This fix resolves an issue where the LangChain integration always attempted to patch LangChain partner
libraries, even if they were not available. -
langchain: This fix resolves an issue where tracing
Chain.invoke()
instead ofChain.__call__()
resulted in the anArgumentError
due to an argument name change for inputs between the two methods. -
langchain: This fix adds error handling for checking if a traced LLM or chat model is an OpenAI instance, as the langchain_community package does not allow automatic submodule importing.
-
internal: This fix resolves an error regarding the remote config module with payloads missing a
lib_config
entry -
Profiling: fix a bug that caused the HTTP exporter to crash when attempting to serialize tags.
-
grpc: Resolves segfaults raised when grpc.aio interceptors are registered
-
Code Security (IAST): Fixed an issue with AES functions from the pycryptodome package that caused the application to crash and stop.
-
Code Security: Ensure that when tainting the headers of a Flask application, iterating over the headers (i.e., with
headers.items()
) does not duplicate them. -
Vulnerability Management for Code-level (IAST): Some native exceptions were not being caught correctly by the python tracer. This fix remove those exceptions to avoid fatal error executions.
-
kafka: This fix resolves an issue where an empty message list returned from consume calls could cause crashes in the Kafka integration. Empty lists from consume can occur when the call times out.
-
logging: This fix resolves an issue where
tracer.get_log_correlation_context()
incorrectly returned a 128-bit trace_id even withDD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED
set toFalse
(the default), breaking log correlation. It now returns a 64-bit trace_id. -
Profiling: Fixes a defect where the deprecated path to the Datadog span type was used by the profiler.
-
Profiling: This fix resolves an issue where the profiler was forcing protobuf to load in injected environments,
causing crashes in configurations which relied on older protobuf versions. The profiler will now detect when injection is used and try loading with the native exporter. If that fails, it will self-disable rather than loading protobuf. -
pymongo: this resolves an issue where the library raised an error in
pymongo.pool.validate_session
-
ASM: This fix resolves an issue where an LFI attack on request path was not always detected with flask and uwsgi.
-
ASM: This fix removes non-required API security metrics.
-
Instrumentation: fixes crashes that could occur in certain integrations with packages that use non-integer components in their version specifiers
2.9.0rc1
Upgrade Notes
- aiopg: Upgrades supported versions to >=1.2. Drops support for 0.x versions.
New Features
- aiomysql, asyncpg, mysql, mysqldb, pymysql: Add Database Monitoring (DBM) for remaining mysql and postgres integrations lacking support.
- aiomysql, aiopg: Implement span service naming determination to be consistent with other database integrations.
- ASM: This introduces the capability to enable or disable SCA using the environment variable
DD_APPSEC_SCA_ENABLED
. By default this env var is unset and in that case it doesn't affect the product. - Code Security: taint strings from gRPC messages.
- ASM: This introduces Exploit Prevention for Application Security Management for LFI (using file opening with standard CPython API) and SSRF (using either standard CPython API urllib or the requests package available on pypi). By default, the feature is disabled, but it can be enabled with
DD_APPSEC_RASP_ENABLED=true
in the environment. - botocore: This introduces tracing support for bedrock-runtime embedding operations.
- Vulnerability Management for Code-level (IAST): to enable IAST in the application, you had to start it with the command
ddtrace-run [your-application-run-command]
so far. Now, you can also activate IAST with thepatch_all
function. - langchain: This adds tracing support for LCEL (LangChain Expression Language) chaining syntax. This change specifically adds synchronous and asynchronous tracing support for the
invoke
andbatch
methods.
Bug Fixes
-
Code Security: fix setting the wrong source on map elements tainted from
taint_structure
. -
Code Security: Fixes an issue where the AST patching process fails when the origin of a module is reported as None, raising a
FileNotFoundError
. -
CI Visibility: fixes an issue where tests were less likely to be skipped due to ITR skippable tests requests timing out earlier than they should
-
Code Security: This fix solves an issue with fstrings where formatting was not applied to int parameters
-
tracing: This fix resolves an issue where sampling rules were not matching correctly on float values that had a 0 decimal value. Sampling rules now evaluate such values as integers.
-
langchain: This fix resolves an issue where the LangChain integration always attempted to patch LangChain partner
libraries, even if they were not available. -
langchain: This fix resolves an issue where tracing
Chain.invoke()
instead ofChain.__call__()
resulted in the anArgumentError
due to an argument name change for inputs between the two methods. -
langchain: This fix adds error handling for checking if a traced LLM or chat model is an OpenAI instance, as the langchain_community package does not allow automatic submodule importing.
-
internal: This fix resolves an error regarding the remote config module with payloads missing a
lib_config
entry -
Profiling: fix a bug that caused the HTTP exporter to crash when attempting to serialize tags.
-
grpc: Resolves segfaults raised when grpc.aio interceptors are registered
-
Code Security (IAST): Fixed an issue with AES functions from the pycryptodome package that caused the application to crash and stop.
-
Code Security: Ensure that when tainting the headers of a Flask application, iterating over the headers (i.e., with
headers.items()
) does not duplicate them. -
Vulnerability Management for Code-level (IAST): Some native exceptions were not being caught correctly by the python tracer. This fix remove those exceptions to avoid fatal error executions.
-
kafka: This fix resolves an issue where an empty message list returned from consume calls could cause crashes in the Kafka integration. Empty lists from consume can occur when the call times out.
-
logging: This fix resolves an issue where
tracer.get_log_correlation_context()
incorrectly returned a 128-bit trace_id even withDD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED
set toFalse
(the default), breaking log correlation. It now returns a 64-bit trace_id. -
Profiling: Fixes a defect where the deprecated path to the Datadog span type was used by the profiler.
-
Profiling: This fix resolves an issue where the profiler was forcing protobuf to load in injected environments,
causing crashes in configurations which relied on older protobuf versions. The profiler will now detect when injection is used and try loading with the native exporter. If that fails, it will self-disable rather than loading protobuf. -
pymongo: this resolves an issue where the library raised an error in
pymongo.pool.validate_session
-
ASM: This fix resolves an issue where an LFI attack on request path was not always detected with flask and uwsgi.
-
ASM: This fix removes non-required API security metrics.
-
Instrumentation: fixes crashes that could occur in certain integrations with packages that use non-integer components in their version specifiers