2.7.0rc1

Deprecation Notes

• tracing: Using [] for DD_TRACE_METHODS (mymod.mysubmod.myclass[myfunc,otherfunc];...) is deprecated and will be removed in 3.0.0.
• This deprecates the passing in of methods or regex patterns for service, name, and resource for sampling rules. Please use the new Glob matching support instead.

New Features

• asgi: Trace websockets in asgi middleware behind feature flag. Set DD_ASGI_TRACE_WEBSOCKET=true to enable.
• tracing: Span and trace sampling rules are case insensitive.
• tracing: Tags provided in span and trace sampling rules now attempt to match against span._metrics in addition to span._meta, which was previously the only supported field.
• dbm: adds new ddh and dddb SQL comment attributes to enable connection with APM when using peer.service.
• tracing: Updates DD_TRACE_METHODS to use a new notation with : to differentiate between the base module and the method name (mymod.mysubmod:myclass.myfunc,myclass.otherfunc;...)
• tracing: This adds the Datadog-Entity-ID header to payloads sent to the Datadog Agent. This header can be set to the container ID or the container's cgroup node inode, and serves as a unique identifier for containers running under Linux cgroupv2.
• tracing: This introduces Glob matching support for service, name, and resource passed in with envar DD_TRACE_SAMPLE_RULES. Previously, the service, name, and resource were matched using exact string matching.
• lib-injection: Adds supports for installing ddtrace via single step instrumentation on python3.12

Bug Fixes

• tracing: This fix resolves an issue where previously some traces that were not sampled were not sent to the trace-agent, possibly affecting metrics. With this fix, all traces are sent to the agent.
• IAST: fix potentially empty ranges after executing the decode aspect.
• CI Visibility: fixes issues with pytest~=8.0 that would case crashes in certain scenarios, and returned different module names
• CI Visibility: fix a potential crash for Python<3.10 when a socket.timeout error was raised instead of the expected TimeoutError during CI Visibility API requests
• CI Visibility: This fix makes the CI Visibility system resilient to RuntimeErrors that can occur between pytest tests with coverage enabled.
• IAST: don't patch BytesIO since we don't have any aspects for it.
• tracing: This fix resolves an issue where the tracer could throw an uncaught error during process shutdown.
• botocore: Fixes bug where SQS and Kinesis results and errors were not recorded when DD_BOTOCORE_EMPTY_POLL_ENABLED=false. config.botocore.empty_poll_enabled=false and no records were found.
• profiling: fixes an issue that could have caused the profiler to stop if unable to determine the class name of a profiled function with CPython 3.11 and newer.
• tracing: Resolves telemetry import error raised when DD_INSTRUMENTATION_TELEMETRY_ENABLED is set to False.
• ASM: This fix resolves an issue where rules updated through remote config were not properly updating required waf addresses. This could lead to custom rules being ignored.
• ASM: This fix resolves an issue where remote config update in WAF policy from block attack tools policy to monitoring only policy could be ignored by tracer.
• Vulnerability Management for Code-level (IAST): Fixes an issue where requests stopped being analyzed after some time due.
• Vulnerability Management for Code-level (IAST): Fixes issues derived from AST patching code with type annotations.
• kafka: This fix resolves an issue where the use of a Kafka DeserializingConsumer could result in a crash when the deserializer in use returns a type without a __len__ attribute.

2.6.5

Bug Fixes

• Vulnerability Management for Code-level (IAST): fix potentially empty ranges after executing the decode aspect.
• Vulnerability Management for Code-level (IAST): Fixes an issue where requests stopped being analyzed after some time due.

1.20.17

Bug Fixes

• dynamic instrumentation: Fix an issue that caused the instrumented application to fail to start if a non-standard module was imported.
• ASM: This fix resolves an issue where rules updated through remote config were not properly updating required WAF addresses. This could lead to custom rules being ignored.

2.6.4

Bug Fixes

• CI Visibility: fixes issues with pytest~=8.0 that would case crashes in certain scenarios, and returned different module names
• CI Visibility: fix a potential crash for CPython<3.10 when a socket.timeout error was raised instead of the expected TimeoutError during CI Visibility API requests
• profiling: fixes an issue that could have caused the profiler to stop if unable to determine the class name of a profiled function with CPython 3.11 and newer.

2.5.3

Bug Fixes

• tracing: This fix resolves an issue where previously some traces that were not sampled were not sent to the trace-agent, possibly affecting metrics. With this fix, all traces are sent to the agent.
• CI Visibility: This fix makes the CI Visibility system resilient to RuntimeErrors that can occur between pytest tests with coverage enabled.
• Vulnerability Management for Code-level (IAST): don't patch BytesIO since we don't have any aspects for it.
• ASM: This fix resolves an issue where suspicious request blocking on request data was preventing API Security to collect schemas in FastAPI, due to route not being computed.
• ASM: This fix resolves an issue where rules updated through remote config were not properly updating required waf addresses. This could lead to custom rules being ignored.
• Vulnerability Management for Code-level (IAST): Fixes a bug in the str aspect where encoding and errors arguments were not honored correctly.
• Vulnerability Management for Code-level (IAST): Fixes issues derived from AST patching code with type annotations.

2.6.3

Bug Fixes

• tracing: This fix resolves an issue where previously some traces that were not sampled were not sent to the trace-agent, possibly affecting metrics. With this fix, all traces are sent to the agent.
• ASM: This fix resolves an issue where rules updated through remote config were not properly updating required waf addresses. This could lead to custom rules being ignored.

2.4.4

Bug Fixes

• CI Visibility: This fix makes the CI Visibility system resilient to RuntimeErrors that can occur between pytest tests with coverage enabled.
• ASM: This fix resolves an issue where rules updated through remote config were not properly updating required waf addresses. This could lead to custom rules being ignored.
• Vulnerability Management for Code-level (IAST): Fixes a bug in the str aspect where encoding and errors arguments were not honored correctly.
• Vulnerability Management for Code-level (IAST): Fixes issues derived from AST patching code with type annotations.
• Pin importlib_metadata to 6.5.0 to avoid its issue 455 (python/importlib_metadata#455).

2.6.2

Bug Fixes

• botocore: Fixes bug where SQS and Kinesis results and errors were not recorded when DD_BOTOCORE_EMPTY_POLL_ENABLED=false. config.botocore.empty_poll_enabled=false and no records were found.
• tracing: Resolves telemetry import error raised when DD_INSTRUMENTATION_TELEMETRY_ENABLED is set to False.

2.6.1

Bug Fixes

• botocore: Fixes bug that was causing spans to be created when DD_BOTOCORE_EMPTY_POLL_ENABLED=false is set and sqs.receiveMessage and kinesis.getRecords operations return no records.
• CI Visibility: This fix makes the CI Visibility system resilient to RuntimeErrors that can occur between pytest tests with coverage enabled.
• Vulnerability Management for Code-level (IAST): don't patch BytesIO since we don't have any aspects for it.
• Vulnerability Management for Code-level (IAST): Fixes issues derived from AST patching code with type annotations.

2.6.0

Upgrade Notes

• CI Visibility: DD_CIVISIBILITY_ITR_ENABLED now defaults to true, and the Datadog API (configured via the Datadog dashboard) now determines whether code coverage and test skipping are enabled.
• CI Visibility: the CI Visibility service is no longer enabled when the initial query to the Datadog test service settings API fails due to a 403 status code.

New Features

• botocore: Adds optional feature to propagate context between producers and consumers for AWS SQS, AWS SNS, and AWS Kinesis via DD_BOTOCORE_PROPAGATION_ENABLED environment variable. Adds optional feature to disable tracing of AWS SQS poll() operation and AWS Kinesis 'get_records()' operation when no data is consumed via DD_BOTOCORE_EMPTY_POLL_ENABLED environment variable.
• tracing: Adds new tag python_main_package containing the name of the main package of the application.
• profiling: Adds new tag python_main_package containing the name of the main package of the application.
• ASM: API Security schema collection is now officially supported for Django, Flask and FastAPI. It is enabled by default and can be disabled in the tracer using environment variable DD_API_SECURITY_ENABLED=false It will only be active when ASM is also enabled.
• elasticsearch: This allows custom tags to be set on Elasticsearch spans via the Pin interface.
• botocore: This introduces tracing support for bedrock-runtime operations.
  See the docs for more information.
• datastreams: this change adds kombu auto-instrumentation for datastreams monitoring.
• tracing: this change adds the DD_KOMBU_DISTRIBUTED_TRACING flag (default True)
• Vulnerability Management for Code-level (IAST): Add support for CMDi in langchain.
• botocore: Add the ability to inject trace context into the input field of botocore stepfunction start_execution and start_sync_execution calls.
• Removes another place where we always load instrumentation telemetry, even if it is disabled
• tracing: This introduces the ability to disable tracing at runtime based on configuration values sent from the Datadog frontend. Disabling tracing in this way also disables instrumentation telemetry.
• tracing: Adds support for remote configuration of DD_TRACE_HEADER_TAGS
• tracing: Add support for remote configuration of trace-logs correlation.
• grpc/grpc_aio: reports the available target host in client spans as network.destination.ip if only an IP is available, peer.hostname otherwise.
• span: Adds a public api for setting span links
• starlette,fastapi: Trace background tasks using span links

Bug Fixes

• ASM: This fix resolves an issue where an exception would be logged while parsing an empty body JSON request.
• CI Visibility: fixes an issue where coverage data for suites could be lost for long-running test sessions, reducing the possibility of skipping tests when using the Intelligent Test Runner.
• IAST: Don't split AST Assign nodes since it's not needed for propagation to work.
• ASM: This fix resolves an issue where suspicious request blocking on request data was preventing API Security to collect schemas in FastAPI, due to route not being computed.
• ASM: This fix resolves an issue where ASM custom blocking actions with a redirect action could cause the server to drop the response.
• Fixed an incompatible version requirements for one of the internal dependencies that could have caused an exception to be raised at runtime with Python 3.12.
• data_streams: This change fixes a bug leading to lag being reported as 1 offset instead of 0 offsets.
• IAST: fixes import overhead when IAST is disabled.
• Fix an incomplete support for pkg_resouces that could have caused an exception on start-up.
• Fix an issue that caused an exception to be raised when trying to access resource files via pkg_resources.
• Fix for an import issue that caused the pytest plugin to fail to properly initialize a test session and exit with an import exception.
• openai: This fixes a bug that prevents logs from being correlated with traces in the Datadog UI.
• langchain: This fixes a bug that prevents logs from being correlated with traces in the Datadog UI.
• openai: This fix resolves an issue where an internal OpenAI method SyncAPIClient._process_response
  was not being patched correctly and led to to an AttributeError while patching.
• profiling: handle a potential system error that may be raised when running a Celery-based application with CPython 3.11.
• Fixed an issue that could have caused an exception as a result of a concurrent access to some internal value cache.
• tracing: Ensures span links are serialized with the expected traceflag when DD_TRACE_API_VERSION=v0.4
• ASM: This fix resolves an issue where IP Headers configured by the user in the environment could not work for frameworks handling requests with case insensitive headers like FastAPI.
• Vulnerability Management for Code-level (IAST): Fixes a bug in the str aspect where encoding and errors arguments were not honored correctly.
• Vulnerability Management for Code-level (IAST): Fix an unhandled ValueError in ast_function thrown in some cases (i.e. Numpy arrays when converted to bool).
• opentelemetry: Ensures that span links are serialized in a json-compatible representation.
• Pin importlib_metadata to 6.5.0 to avoid its issue 455 (python/importlib_metadata#455).
• profiler: Fixes a sigabrt when shutdown occurs during an upload
• otel: Ensures all otel sampling decisions are consistent with Datadog Spans. This prevents otel spans in a distrbuted trace from being sampled differently than Datadog spans in the same trace.
• tracing: Fix an issue where remote configuration values would not be reverted when unset in the UI.
• tracing: Ensures hostnames are reported in statsd metrics if DD_TRACE_REPORT_HOSTNAME=True (default value is False).

Other Changes

• setup: pins the default macOS deployment target to 10.14.
• tracing: Updates the default value of DD_TRACE_PROPAGATION_STYLE from tracecontext,datadog to datadog,tracecontext. With this change datadog headers will be parsed before tracecontext headers. This change is backwards compatible and should not affect existing users.