v5.18.0 #4496

juan-fernandez · 2024-07-10T09:52:49Z

Improvements

[appsec]: Update appsec rules to 1.12.0 update appsec rules to 1.12.0 #4398
[appsec]: Collect request headers on user event Collect request headers on user event #4385
[iast]: Update native-iast-taint-tracking to 3.0.0 Update @datadog/native-iast-taint-tracking module to 3.0.0 #4464
[appsec]: Update default appsec obfuscation regex Update default appsec obfuscation regex #4472
[aws-sdk]: Improve AWS SQS Data Streams Monitoring tracing experience tracing(aws-sdk): improve sqs dsm tracing experience #4425

Features

[test-visibility] Add support for vitest [test-visibility] Add support for vitest #4415
[test-visibility] Add automatic flaky test retries to Mocha [test visibility] Add automatic flaky test retries to Mocha #4453
[test-visibility] Flaky test retries for cucumber [test-visibility] Flaky test retries for cucumber #4491
[appsec]: Standalone ASM billing with DD_EXPERIMENTAL_APPSEC_STANDALONE_ENABLED Standalone ASM configuration and span tags #4291, Standalone ASM priority sampler and tag propagation #4416
[aws-sdk]: Add batchPropagationEnabled configuration option to inject all messages with trace context during AWS SQS, SNS, and Kinesis batch send operations tracing(aws): add configuration option to inject all messages with trace context during SQS, SNS, and Kinesis batch send operations #4434
[aws-sdk] feat: add dd_tags to datastreams monitoring stats payload feat: add dd_tags to datastreams monitoring stats payload #4481

Bug fixes

[openai] fix(openai): safe require tiktoken for webpack bundlers fix(openai): safe require tiktoken for webpack bundlers #4433
[test-visibility] Do not unsafely access .steps from test result in playwright [test-visibility] Do not unsafely access .steps from test result in playwright #4471
[esm] upgrade import-in-the-middle to 1.8.1, fix various ESM bugs update dep: import-in-the-middle@^1.8.1 from ^1.7.4 #4414
[child_process] default to tracer service name fix: child_process: default to tracer service name #4417

--------- Co-authored-by: Carles Capell <[email protected]> Co-authored-by: simon-id <[email protected]>

* Fix cassandra tests * Use cassandra 2.2.4 * Use cassandra 3

* Stack trace collection configuration * Collect and report stack trace for appsec events * Handle generate_stack waf action * Fix linting in config.spec.js * Add assertion for stack trace tag in meta_struct for express test * Refactor reportStackTrace and some additional test * Fix lint * Additional assert in reportStackTrace test * Update config * Rework on stack trace collection * Callsite line and column as numbers * Update packages/dd-trace/src/appsec/stack_trace.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/src/appsec/stack_trace.js Co-authored-by: Ugaitz Urien <[email protected]> * Reorder test structure * Fix linting * No exploit stack limit when max is set to 0 or below * Fix filtered and capped frames case * Fix lint --------- Co-authored-by: Ugaitz Urien <[email protected]>

* Add JS Hapi macrobenchmark * Specify dd-trace-js version via DDTRACE_INSTALL_VERSION * Fix branch name * Tweak RPS * Tweak benchmark duration * Repeatability testing * Add retries on Gitlab internal system failures, tweak RPS * Keep only 2 variants for a moment --------- Co-authored-by: Dmytro Yurchenko <[email protected]>

* DD_APM_TRACING_ENABLED and span _dd.apm.enabled tag * clean up * Use MANUAL_KEEP const * Add _dd.p.appsec tag on standalone ASM events * Include apmTracingEnabled checks * Appsec Reporter tests * Appsec sdk track_event test * Use numeric value for _dd.p.appsec * Include appsec standalone config in .ts files * Clean up null and undefined values * Remove not needed config properties * standalone module * Clean up * standalone proxy test * Update packages/dd-trace/test/appsec/iast/vulnerability-reporter.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * appsec reporter test * Use standalone singletone in vulnerability-reporter * continue applying ratelimiter on appsec standalone events * Update packages/dd-trace/src/appsec/reporter.js Co-authored-by: simon-id <[email protected]> * Add _dd.apm.enabled:0 in root spans with remote parent * Use a method to add the tag * Remove apmTracingEnabled config property * Add _dd.p.appsec tag in trace tags * Some tests * Set _dd.apm.enabled in root span * configure standalone if _tracingInitialized * Use dd-trace:span:start channel * Clean up * use a meta tag * hasSubscribers check * test description * Check span context has tags before using them and check if config has changed * clean up * Clean up * Clean up * clean up * Update packages/dd-trace/test/appsec/sdk/track_event.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * Update packages/dd-trace/test/appsec/standalone.spec.js Co-authored-by: Ugaitz Urien <[email protected]> * protect sample method * Use assert instead expect * unsubscribe after test * suggestions --------- Co-authored-by: Ugaitz Urien <[email protected]> Co-authored-by: simon-id <[email protected]>

* Fix null filename on frame filtering * Use startsWith instead of includes on callSite filename check * Rework stack trace reporting when callistelist is undefined * Avoid checking for max stack trace depth twice * Use Array(n).fill() instead of [...Array(n).keys()] * Fix linting

* increase timeout for aws-sdk and next tests * increase timeout for profiling integration tests * increase timeout for appsec tests * increase timeout for next test setup

* remove get-port usage from http tests and test agent * move test tracer init after port allocation

* ensure datadog attributes are received by sqs and set DSM extraction context in request complete if no callback is used

* remove most usage of get-port for plugins * remove get-port from instrumentation tests * fix new test

This reverts commit 22e4d55.

* fix * change typo * add tiktoken as dev dependency for testing * change tests to check tiktoken usage * test in-house estimator separately * add tiktoken license to third party

* Add guardrails for SSI * PR feedback * test on a swath of versions, in CI only

… playwright (#4471)

* update otel invalid telemetry calculation

…#4473)

pr-commenter · 2024-07-10T10:01:40Z

Benchmarks

Benchmark execution time: 2024-07-10 15:39:00

Comparing candidate commit 5e2767c in PR branch v5.18.0-proposal with baseline commit c465dbf in branch v5.x.

Found 19 performance improvements and 0 performance regressions! Performance is the same for 242 metrics, 5 unstable metrics.

scenario:exporting-pipeline-0.4-18

🟩 cpu_user_time [-22.007ms; -16.166ms] or [-8.151%; -5.988%]
🟩 execution_time [-25.747ms; -18.548ms] or [-8.251%; -5.944%]
🟩 instructions [-55.9M instructions; -55.4M instructions] or [-7.116%; -7.061%]

scenario:exporting-pipeline-0.4_with_stats-18

🟩 cpu_user_time [-20.105ms; -14.617ms] or [-7.437%; -5.407%]
🟩 execution_time [-23.674ms; -16.505ms] or [-7.584%; -5.287%]
🟩 instructions [-55.7M instructions; -55.3M instructions] or [-7.075%; -7.023%]

scenario:exporting-pipeline-0.5-18

🟩 cpu_user_time [-22.088ms; -17.519ms] or [-9.852%; -7.814%]
🟩 execution_time [-22.706ms; -15.842ms] or [-8.675%; -6.053%]
🟩 instructions [-56.5M instructions; -55.0M instructions] or [-9.794%; -9.524%]

scenario:exporting-pipeline-0.5_with_stats-18

🟩 cpu_user_time [-20.437ms; -15.555ms] or [-9.083%; -6.913%]
🟩 execution_time [-23.463ms; -16.002ms] or [-8.890%; -6.063%]
🟩 instructions [-55.5M instructions; -53.4M instructions] or [-9.589%; -9.224%]

scenario:scope-manager-async_hooks-18

🟩 cpu_user_time [-28.850ms; -20.703ms] or [-29.982%; -21.516%]
🟩 instructions [-63.4M instructions; -57.5M instructions] or [-20.006%; -18.155%]

scenario:scope-manager-async_local_storage-18

🟩 instructions [-63.2M instructions; -57.5M instructions] or [-19.973%; -18.187%]

scenario:scope-manager-async_resource-18

🟩 cpu_user_time [-32.030ms; -22.988ms] or [-33.805%; -24.262%]
🟩 instructions [-63.5M instructions; -57.7M instructions] or [-20.051%; -18.205%]

scenario:scope-manager-base-18

🟩 cpu_user_time [-31.399ms; -22.031ms] or [-32.610%; -22.880%]
🟩 instructions [-63.5M instructions; -57.7M instructions] or [-20.038%; -18.232%]

codecov · 2024-07-10T12:27:05Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (v5.x@c465dbf). Learn more about missing BASE report.

Additional details and impacted files

@@           Coverage Diff           @@
##             v5.x    #4496   +/-   ##
=======================================
  Coverage        ?   95.77%           
=======================================
  Files           ?      101           
  Lines           ?     3267           
  Branches        ?       33           
=======================================
  Hits            ?     3129           
  Misses          ?      138           
  Partials        ?        0

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

* add dd_tags to dsm stats payload data

uurien and others added 30 commits July 10, 2024 11:46

Exploit prevention metrics (#4370)

31a88ef

--------- Co-authored-by: Carles Capell <[email protected]> Co-authored-by: simon-id <[email protected]>

update appsec rules to 1.12.0 (#4398)

02379d4

Fix cassandra tests (#4403)

4797c12

* Fix cassandra tests * Use cassandra 2.2.4 * Use cassandra 3

add datadog static analyzer (#4409)

ad9500e

update dep: import-in-the-middle@^1.8.1 (#4414)

0b35f31

Improve nextjs tests flakyness (#4411)

52fc3ca

fix: child_process: default to tracer service name (#4417)

ab74445

increase timeout for aws-sdk and next tests (#4421)

61d04dd

* increase timeout for aws-sdk and next tests * increase timeout for profiling integration tests * increase timeout for appsec tests * increase timeout for next test setup

fix missing on section in static analysis yaml (#4422)

52aa03a

remove get-port usage from http tests and test agent (#4426)

f313876

* remove get-port usage from http tests and test agent * move test tracer init after port allocation

Fix rasp tests (#4432)

013e24b

test: add a test for express 404 errors (#4423)

24fe532

remove most get-port usage in appsec tests (#4428)

d350b46

remove actual resolution for dns resolve test (#4430)

9f58562

increase timeout of profiler integration test to 30s (#4431)

f328139

tracing(aws-sdk): improve sqs dsm tracing experience (#4425)

a15d60b

* ensure datadog attributes are received by sqs and set DSM extraction context in request complete if no callback is used

deps: upgrade lru-cache@^7.14.0 -> ^10.2.2 (#4435)

7a85bdf

remove most usage of get-port for plugin tests (#4429)

07457c6

* remove most usage of get-port for plugins * remove get-port from instrumentation tests * fix new test

Revert "deps: upgrade lru-cache@^7.14.0 -> ^10.2.2 (#4435)" (#4437)

14cd6ae

This reverts commit 22e4d55.

[CI] Use system-tests reusable workflow for PARAMETRIC scenario (#4438)

7b2f4b5

fix(openai): safe require tiktoken for webpack bundlers (#4433)

34c78f2

* fix * change typo * add tiktoken as dev dependency for testing * change tests to check tiktoken usage * test in-house estimator separately * add tiktoken license to third party

split couchbase tests by major version (#4439)

9f4e5c3

split nextjs tests by major versions (#4441)

0948797

increase timeout for integration test helpers to 30s (#4443)

ace344f

Add runtime guardrail for SSI (#4319)

3f0e5bb

* Add guardrails for SSI * PR feedback * test on a swath of versions, in CI only

remove async_hooks implem (#4399)

2ca11a9

rochdev and others added 13 commits July 10, 2024 11:56

split cypress integration tests by module type (#4470)

56b1eec

Update default appsec obfuscation regex (#4472)

ec89ba7

[test-visibility] Do not unsafely access .steps from test result in…

7534086

… playwright (#4471)

[test-visibility] Fix vitest instrumentation (#4480)

b1ad33f

Update Otel Invalid Telemetry Calculation (#4369)

f55d71d

* update otel invalid telemetry calculation

ci: upgrade elasticsearch service to latest 7.x (#4478)

00fec42

PROF-9979: Use SIMPLE_CONTAINER_AUTO_INJECTION_PROFILING in SSI tests (…

327f83c

…#4473)

[test visibility] Add automatic flaky test retries to Mocha (#4453)

07efec4

Fix a typo that disabled debug message logging (#4490)

48d8981

remove node 14 tests for aerospike (#4484)

84e90be

increase timeout to 60s for ci integration tests (#4485)

a442885

release dev version only when a label is used (#4483)

26cc0f3

[test-visibility] Flaky test retries for cucumber (#4491)

692743d

juan-fernandez marked this pull request as ready for review July 10, 2024 12:36

juan-fernandez requested a review from a team as a code owner July 10, 2024 12:36

Use http.get instead of fetch in asm standalone tests (#4500)

b653b3d

juan-fernandez force-pushed the v5.18.0-proposal branch from 4df3edc to b653b3d Compare July 10, 2024 13:56

juan-fernandez and others added 7 commits July 10, 2024 16:02

Fix init.spec.js test for node 16 (v4 release) (#4499)

d9389b5

feat: add dd_tags to datastreams monitoring stats payload (#4481)

17b6c33

* add dd_tags to dsm stats payload data

split nextjs tests even more and increase timeout (#4486)

3946606

add mocha configuration file and increase default timeout (#4493)

df5d0d7

Do not run undici tests for node16 and >=6.0.0 (#4501)

a8ead3e

[test-visibility] Fix mocha plugin tests (#4495)

d8560ba

v5.18.0

5e2767c

uurien approved these changes Jul 10, 2024

View reviewed changes

tlhunter approved these changes Jul 10, 2024

View reviewed changes

juan-fernandez merged commit 01464c7 into v5.x Jul 11, 2024
169 checks passed

juan-fernandez deleted the v5.18.0-proposal branch July 11, 2024 07:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

v5.18.0 #4496

v5.18.0 #4496

juan-fernandez commented Jul 10, 2024 •

edited

Loading

pr-commenter bot commented Jul 10, 2024 •

edited

Loading

codecov bot commented Jul 10, 2024 •

edited

Loading

v5.18.0 #4496

v5.18.0 #4496

Conversation

juan-fernandez commented Jul 10, 2024 • edited Loading

Improvements

Features

Bug fixes

pr-commenter bot commented Jul 10, 2024 • edited Loading

Benchmarks

scenario:exporting-pipeline-0.4-18

scenario:exporting-pipeline-0.4_with_stats-18

scenario:exporting-pipeline-0.5-18

scenario:exporting-pipeline-0.5_with_stats-18

scenario:scope-manager-async_hooks-18

scenario:scope-manager-async_local_storage-18

scenario:scope-manager-async_resource-18

scenario:scope-manager-base-18

codecov bot commented Jul 10, 2024 • edited Loading

Codecov Report

juan-fernandez commented Jul 10, 2024 •

edited

Loading

pr-commenter bot commented Jul 10, 2024 •

edited

Loading

codecov bot commented Jul 10, 2024 •

edited

Loading