Ddtrace

Latest version: v2.8.5


Page 3 of 34

2.6.12

Bug Fixes

- Code Security: This fix solves an issue with f-strings where formatting was not applied to int parameters.


---

2.6.11

Bug Fixes

- internal: This fix resolves an error regarding the remote config module with payloads missing a `lib_config` entry
- Code Security: Ensure that when tainting the headers of a Flask application, iterating over the headers (i.e., with `headers.items()`) does not duplicate them.
- pymongo: this resolves an issue where the library raised an error in `pymongo.pool.validate_session`


---

2.6.10

Bug Fixes

- ASM: This fix resolves an issue where Django login failure events may send wrong information about user existence.
- Code Security: fix setting the wrong source on map elements tainted from `taint_structure`.
- datastreams: Changed DSM processor error logs to debug logs for a statement which is retried. If all retries fail, the stack trace is included
- Code Security: Fixes an issue where the AST patching process fails when the origin of a module is reported as None, raising a `FileNotFoundError`.
- CI Visibility: fixes an issue where tests were less likely to be skipped due to ITR skippable tests requests timing out earlier than they should
- internal: This fix resolves an issue where importing the `ddtrace.contrib.botocore.services` module would fail raising an ImportError
- starlette: Fix a bug that crashed background tasks started from functions without a `__name__` attribute
- Code Security: Fixed an issue with AES functions from the pycryptodome package that caused the application to crash and stop.
- Code Security: This fix addresses an issue where tainting objects may fail due to context not being created in the current span.
- Code Security: Some native exceptions were not being caught correctly by the Python tracer. This fix removes those exceptions to avoid fatal error executions.
- ASM: This fix removes unrequired API security metrics.
- structlog: Fixes error where multiple loggers would duplicate processors. Also adds processors injection when resetting to defaults.

---

2.6.9

Bug Fixes

- propagation: This fix resolves an issue where the sampling decision-maker tag in tracestate propagation headers was clobbered by a default value.
- langchain: Ensures langchain vision APIs are correctly instrumented
- ASM: This fix resolves an issue where the asgi middleware could crash with a RuntimeError "Unexpected message received".
- kafka: This fix resolves an issue where `None` messages from confluent-kafka could cause crashes in the Kafka integration.


---

2.6.0

Upgrade Notes

- CI Visibility: `DD_CIVISIBILITY_ITR_ENABLED` now defaults to true, and the Datadog API (configured via the Datadog dashboard) now determines whether code coverage and test skipping are enabled.
- CI Visibility: the CI Visibility service is no longer enabled when the initial query to the Datadog test service settings API fails due to a 403 status code.

New Features

- botocore: Adds optional feature to propagate context between producers and consumers for AWS SQS, AWS SNS, and AWS Kinesis via `DD_BOTOCORE_PROPAGATION_ENABLED` environment variable. Adds optional feature to disable tracing of AWS SQS `poll()` operation and AWS Kinesis `get_records()` operation when no data is consumed via `DD_BOTOCORE_EMPTY_POLL_ENABLED` environment variable.

- tracing: Adds new tag `python_main_package` containing the name of the main package of the application.

- profiling: Adds new tag `python_main_package` containing the name of the main package of the application.

- ASM: API Security schema collection is now officially supported for Django, Flask and FastAPI. It can be enabled in the tracer using the environment variable `DD_API_SECURITY_ENABLED=true`. It will only be active when ASM is also enabled.

- elasticsearch: This allows custom tags to be set on Elasticsearch spans via the Pin interface.

- botocore: This introduces tracing support for bedrock-runtime operations.
See [the docs](https://ddtrace.readthedocs.io/en/stable/integrations.html#botocore) for more information.

- datastreams: this change adds kombu auto-instrumentation for datastreams monitoring.

- tracing: this change adds the `DD_KOMBU_DISTRIBUTED_TRACING` flag (default `True`)

- Vulnerability Management for Code-level (IAST): Add support for CMDi in langchain.

- botocore: Add the ability to inject trace context into the input field of botocore stepfunction start_execution and start_sync_execution calls.

- Removes another place where we always load instrumentation telemetry, even if it is disabled

- tracing: This introduces the ability to disable tracing at runtime based on configuration values sent from the Datadog frontend. Disabling tracing in this way also disables instrumentation telemetry.

- tracing: Adds support for remote configuration of `DD_TRACE_HEADER_TAGS`

- tracing: Add support for remote configuration of trace-logs correlation.

- grpc/grpc_aio: reports the available target host in client spans as `network.destination.ip` if only an IP is available, `peer.hostname` otherwise.

- span: Adds a public api for setting span links

- starlette,fastapi: Trace background tasks using span links

Bug Fixes

- ASM: This fix resolves an issue where an exception would be logged while parsing an empty body JSON request.

- CI Visibility: fixes an issue where coverage data for suites could be lost for long-running test sessions, reducing the possibility of skipping tests when using the Intelligent Test Runner.

- IAST: Don't split AST Assign nodes since it's not needed for propagation to work.

- ASM: This fix resolves an issue where suspicious request blocking on request data was preventing API Security from collecting schemas in FastAPI, due to the route not being computed.

- ASM: This fix resolves an issue where ASM custom blocking actions with a redirect action could cause the server to drop the response.

- Fixed an incompatible version requirement for one of the internal dependencies that could have caused an exception to be raised at runtime with Python 3.12.

- data_streams: This change fixes a bug leading to lag being reported as 1 offset instead of 0 offsets.

- IAST: fixes import overhead when IAST is disabled.

- Fix incomplete support for `pkg_resources` that could have caused an exception on start-up.

- Fix an issue that caused an exception to be raised when trying to access resource files via `pkg_resources`.

- Fix for an import issue that caused the pytest plugin to fail to properly initialize a test session and exit with an import exception.

- openai: This fixes a bug that prevents logs from being correlated with traces in the Datadog UI.

- langchain: This fixes a bug that prevents logs from being correlated with traces in the Datadog UI.

- openai: This fix resolves an issue where an internal OpenAI method `SyncAPIClient._process_response` was not being patched correctly and led to an AttributeError while patching.

- profiling: handle a potential system error that may be raised when running a Celery-based application with CPython 3.11.

- Fixed an issue that could have caused an exception as a result of a concurrent access to some internal value cache.

- tracing: Ensures span links are serialized with the expected traceflag when `DD_TRACE_API_VERSION=v0.4`

- ASM: This fix resolves an issue where IP Headers configured by the user in the environment could not work for frameworks handling requests with case insensitive headers like FastAPI.

- Vulnerability Management for Code-level (IAST): Fixes a bug in the `str` aspect where encoding and errors arguments were not honored correctly.

- Vulnerability Management for Code-level (IAST): Fix an unhandled ValueError in `ast_function` thrown in some cases (i.e. Numpy arrays when converted to bool).

- opentelemetry: Ensures that span links are serialized in a json-compatible representation.

- Pin importlib_metadata to 6.5.0 to avoid its issue 455 (<https://github.com/python/importlib_metadata/issues/455>).

- profiler: Fixes a sigabrt when shutdown occurs during an upload

- otel: Ensures all otel sampling decisions are consistent with Datadog Spans. This prevents otel spans in a distributed trace from being sampled differently than Datadog spans in the same trace.

- tracing: Fix an issue where remote configuration values would not be reverted when unset in the UI.

- tracing: Ensures hostnames are reported in statsd metrics if `DD_TRACE_REPORT_HOSTNAME=True` (default value is `False`).

Other Changes

- setup: pins the default macOS deployment target to 10.14.
- tracing: Updates the default value of `DD_TRACE_PROPAGATION_STYLE` from `tracecontext,datadog` to `datadog,tracecontext`. With this change w3c tracecontext headers will be parsed before datadog headers. This change is backwards compatible and should not affect existing users.

---

2.5.0

New Features

- aiohttp: add `split_by_domain` config to split service name by domain
- CI Visibility: Adds code coverage lines covered tag for `pytest` and `unittest`.
- aiohttp: Adds http.route tag to `aiohttp.request` spans.
- bottle: Adds http.route tag to `bottle.request` spans.
- falcon: Adds http.route tag to `falcon.request` spans.
- molten: Adds http.route tag to `molten.request` spans.
- Adds distributed tracing for confluent-kafka integration. Distributed tracing connects Kafka consumer spans with Kafka producer spans within the same trace if a message is valid. To enable distributed tracing, set the configuration: `DD_KAFKA_DISTRIBUTED_TRACING_ENABLED=True` for both the consumer and producer service.
- ASM: This introduces (experimental) api security support for fastAPI. Flask and Django were already supported in 2.4.0. Support schema computation on all addresses (requests and responses) and scanner support for pii, credentials and payment data.
- CI Visibility: introduces a CI visibility-specific logger (enabled for the `pytest` plugin), enabled by setting the `DD_CIVISIBILITY_LOG_LEVEL` environment variable (with the same level names as Python logging levels).
- CI Visibility: allows for waiting for the git metadata upload to complete before deciding whether or not to enable coverage (based on API response).
- Further lazy loads telemetry_writer so that it is not running when explicitly disabled. Users must explicitly set "DD_INSTRUMENTATION_TELEMETRY_ENABLED=false".
- tracer: Add support for remotely configuring trace tags.

Bug Fixes

- loguru: Ensures log correlation is enabled when the root logger is initialized. Previously, log correlation was only enabled when a new sink was added.
- Fix compatibility with other tools that try to infer the type of a Python object at runtime.
- tracing: Fixes a bug that prevents span links from being visualized in the Datadog UI.
- tracing: Resolves span encoding errors raised when span links do not contain expected types
- ASM: This fix resolves an issue where custom event boolean properties were not reported as `true` and `false` like other tracers but as `True` and `False`.
- Vulnerability Management for Code-level (IAST): Ensure that Cookies vulnerabilities report only the cookie name.
- langchain: This fix resolves a `get_openai_token_cost_for_model` import error in langchain version 0.0.351 or later.
- ASM: This fix resolves an issue where IAST could cause circular dependency at startup.
- tracing: Ensures all fields in `ddtrace.context.Context` are picklable.
- pytest: This fix resolves an issue where the `--no-cov` flag did not take precedence over the `--cov` flag when deciding whether to report code coverage on spans.
- rq: Fixed a bug where the RQ integration would emit a warning when setting `job.status` span tag.

---

© 2024 Safety CLI Cybersecurity Inc. All Rights Reserved.