1.20.2

Bug Fixes

• kafka: Fixes ValueError raised when Consumer.commit(offsets=...) is called.
• profiling: Fixed an issue with data encoding where non-string objects might be interned on Python 3.11
• redis: Resolves UnboundLocalError raised when a traced redis command raises an exception.
• graphql: Resolves AttributeError raised while parsing graphql Documents where AST Location is None.

1.19.2

Bug Fixes

• dbm: this fixes an issue with attributing metrics to incorrect services when peer.service is enabled
• kafka: Fixes ValueError raised when Consumer.commit(offsets=...) is called.
• profiling: Fixed an issue with data encoding where non-string objects might be interned on Python 3.11
• graphql: Resolves AttributeError raised while parsing graphql Documents where AST Location is None.

1.18.6

Bug Fixes

• dbm: this fixes an issue with attributing metrics to incorrect services when peer.service is enabled
• kafka: Resolves an issue where traced kafka connections were assigned a default timeout of 1 second. The default timeout in Consumer.poll(...) should be None.
• openai: This fix resolves an issue where errors during streamed requests resulted in unfinished spans.
• profiling: Fixed an issue with data encoding where non-string objects might be interned on Python 3.11
• CI Visibility: fixes that Python 2.7 test results were not visible in UI due to improperly msgpack-ed data
• ASM: This fix resolves issue where user information was only set in root span. Now span for user information can be selected.

2.0.0rc2

New Features

• Vulnerability Management for Code-level (IAST): Weak randomness vulnerability detection.

Bug Fixes

• tracing: Encoding traces in the v05 format has a known issue for applications generating spans at a high frequency, causing approximately 1/10000000 spans to be misencoded. This change sets DD_TRACE_API_VERSION to v04 by default.

1.20.1

Bug Fixes

• tracing: Encoding traces in the v05 format has a known issue for applications generating spans at a high frequency, causing approximately 1/10000000 spans to be misencoded. This change sets DD_TRACE_API_VERSION to v04 by default.

1.19.1

Bug Fixes

• tracing: Encoding traces in the v05 format has a known issue for applications generating spans at a high frequency, causing approximately 1/10000000 spans to be misencoded. This change sets DD_TRACE_API_VERSION to v04 by default.

2.0.0rc1

Prelude

The Datadog APM Python team is happy to announce the release of v2.0.0 of ddtrace. This release drops support for Python 2.7, 3.5, and 3.6. This release adds support for Python 3.12.

Important

If you are on version of Python not supported by v2, we will continue to maintain the ddtrace v1 with bug fixes.

Note

Before upgrading to v2.0.0, we recommend users install ddtrace~=1.18.0 and enable deprecation warnings. All removals to the library interface and environment variables in v2 were deprecated in the 1.x release line.

Note

The changes to environment variables apply only to the configuration of the ddtrace library and not the Datadog Agent.

Upgrading summary

Functionality changes

The default logging configuration functionality of ddtrace has been changed to avoid conflicting with application logging configurations. DD_CALL_BASIC_CONFIG has been removed and the ddtrace logger will log to stdout by default, or a log file as specified using DD_TRACE_LOG_FILE.

Setting the environment variable DD_TRACE_PROPAGATION_STYLE='b3' to enable B3 propagation has been removed. Please use DD_TRACE_PROPAGATION_STYLE='b3multi' instead.

Removed deprecated environment variables

These environment variables have been removed. In all cases the same functionality is provided by other environment variables and replacements are provided as recommended actions for upgrading.

Variable	Replacement	Note
DD_GEVENT_PATCH_ALL	None	📝<remove-dd-gevent-patch-all>
DD_AWS_TAG_ALL_PARAMS	None	📝<remove-aws-tag-all-params>
DD_REMOTECONFIG_POLL_SECONDS	DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS	📝<rename-remote-config-poll-seconds>
DD_CALL_BASIC_CONFIG	None	📝<remove-basic-config>
DD_TRACE_OBFUSCATION_QUERY_STRING_PATERN	DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP	📝<remove-trace-obfuscation-query-string-pattern>

Removed deprecated library interfaces

These methods and module attributes have been removed. Where the same functionality is provided by a different public method or module attribute, a recommended action is provided for upgrading. In a few limited cases, because the interface was no longer used or had been moved to the internal interface, it was removed and so no action is provided for upgrading.

Module	Method/Attribute	Note
ddtrace.constants	APPSEC_ENABLED	📝<remove-appsec-private-constants>
	APPSEC_JSON	📝<remove-appsec-private-constants>
	APPSEC_EVENT_RULE_VERSION	📝<remove-appsec-private-constants>
	APPSEC_EVENT_RULE_ERRORS	📝<remove-appsec-private-constants>
	APPSEC_EVENT_RULE_LOADED	📝<remove-appsec-private-constants>
	APPSEC_EVENT_RULE_ERROR_COUNT	📝<remove-appsec-private-constants>
	APPSEC_WAF_DURATION	📝<remove-appsec-private-constants>
	APPSEC_WAF_DURATION_EXT	📝<remove-appsec-private-constants>
	APPSEC_WAF_TIMEOUTS	📝<remove-appsec-private-constants>
	APPSEC_WAF_VERSION	📝<remove-appsec-private-constants>
	APPSEC_ORIGIN_VALUE	📝<remove-appsec-private-constants>
	APPSEC_BLOCKED	📝<remove-appsec-private-constants>
	IAST_JSON	📝<remove-appsec-private-constants>
	IAST_ENABLED	📝<remove-appsec-private-constants>
	IAST_CONTEXT_KEY	📝<remove-appsec-private-constants>
ddtrace.contrib.fastapi.patch	span_modifier	📝<remove-fastapi-starlette-span-modifier>
	aggregate_resources	📝<remove-fastapi-starlette-aggregate-resources>
ddtrace.contrib.starlette.patch	span_modifier	📝<remove-fastapi-starlette-span-modifier>
	aggregate_resources	📝<remove-fastapi-starlette-aggregate-resources>
	get_resource	📝<remove-fastapi-starlette-span-modifier>
ddtrace.contrib.grpc.constants	GRPC_PORT_KEY	📝<remove-grpc-port-key>
ddtrace.ext.cassandra	ROW_COUNT	📝<remove-cassandra-row-count>
ddtrace.ext.mongo	ROWS	📝<remove-mongo-row-count>
ddtrace.ext.sql	ROWS	📝<remove-sql-row-count>
ddtrace.filters	TraceCiVisibilityFilter	📝<remove-trace-ci-visibility-filter>
ddtrace.tracer	DD_LOG_FORMAT	📝<remove-dd-log-format>

Upgrade Notes

• DD_GEVENT_PATCH_ALL is removed. There is no special configuration necessary to make ddtrace work with gevent if using ddtrace-run.

• DD_AWS_TAG_ALL_PARAMS is removed. The boto/botocore/aiobotocore integrations no longer collect all API parameters by default.

• DD_REMOTECONFIG_POLL_SECONDS is removed. Use the environment variable DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS instead.

• APPSEC_ENABLED, APPSEC_JSON, APPSEC_EVENT_RULE_VERSION, APPSEC_EVENT_RULE_ERRORS, APPSEC_EVENT_RULE_LOADED, APPSEC_EVENT_RULE_ERROR_COUNT, APPSEC_WAF_DURATION, APPSEC_WAF_DURATION_EXT, APPSEC_WAF_TIMEOUTS, APPSEC_WAF_VERSION, APPSEC_ORIGIN_VALUE, APPSEC_BLOCKED, IAST_JSON, IAST_ENABLED, IAST_CONTEXT_KEY are removed. This should not affect existing code as these deprecated ASM constants were meant for private use only.

• ddtrace.contrib.starlette.get_resource, ddtrace.contrib.starlette.span_modifier, and ddtrace.contrib.fastapi.span_modifier are removed. The starlette and fastapi integrations now provide the full route and not just the mounted route for sub-applications.

• ddtrace.contrib.starlette.config['aggregate_resources'] and ddtrace.contrib.fastapi.config['aggregate_resources'] are removed. The starlette and fastapi integrations no longer have the option to aggregate_resources, as it now occurs by default.

• ddtrace.contrib.grpc.constants.GRPC_PORT_KEY is removed. Use ddtrace.ext.net.TARGET_PORT instead.

• ddtrace.ext.cassandra.ROW_COUNT is removed. Use ddtrace.ext.db.ROWCOUNT instead.

• ddtrace.ext.mongo.ROW_COUNT is removed. Use ddtrace.ext.db.ROWCOUNT instead.

• ddtrace.ext.sql.ROW_COUNT is removed. Use ddtrace.ext.db.ROWCOUNT instead.

• ddtrace.filters.TraceCiVisibilityFilter is removed.

• ddtrace.tracer.DD_LOG_FORMAT is removed. As an alternative, please follow the log injection formatting as provided in the log injection docs.

• DD_CALL_BASIC_CONFIG is removed. There is no special configuration necessary to replace DD_CALL_BASIC_CONFIG. The ddtrace logger will log to stdout by default or additionally to a file specified by DD_TRACE_LOG_FILE.

• DD_TRACE_OBFUSCATION_QUERY_STRING_PATTERN is removed. Use DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP instead.

New Features

• Adds support for Python 3.12.

Known Issues

• aiohttp: Python 3.12 is not supported.
• aiohttp-jinja: Python 3.12 is not supported.
• aiobotocore: Python 3.12 is not supported.
• asm: IAST for Python 3.12 is not supported.
• flask-caching: Python 3.12 is not supported.
• openai/langchain: Python 3.12 is not supported.
• opentelemetry-a...

1.20.0

Prelude

Vulnerability Management for Code-level (IAST) is now available in private beta. Use the environment variable DD_IAST_ENABLED=True to enable this feature.

New Features

• ASM: This introduces support for custom blocking actions of type redirect_request.
• data_streams: Adds public api set_produce_checkpoint and set_consume_checkpoint

Bug Fixes

• kafka: Resolves an issue where traced kafka connections were assigned a default timeout of 1 second. The default timeout in Consumer.poll(...) should be None.
• openai: This fix resolves an issue where errors during streamed requests resulted in unfinished spans.

1.20.0rc1

Prelude

Vulnerability Management for Code-level (IAST) is now available in private beta. Use the environment variable DD_IAST_ENABLED=True to enable this feature.

New Features

• ASM: This introduces support for custom blocking actions of type redirect_request.
• data_streams: Adds public api set_produce_checkpoint and set_consume_checkpoint

Bug Fixes

• kafka: Resolves an issue where traced kafka connections were assigned a default timeout of 1 second. The default timeout in Consumer.poll(...) should be None.
• openai: This fix resolves an issue where errors during streamed requests resulted in unfinished spans.

1.19.0

Prelude

Vulnerability Management for Code-level (IAST) is now available in private beta. Use the environment variable DD_IAST_ENABLED=True to enable this feature.

New Features

• Adds the db.row_count tag to redis and other redis-like integrations. The tag represents the number of returned results.
• CI Visibility: adds test level visibility for unittest
• ASM: Adds detection of insecure cookie vulnerabilities on responses.
• ASM: This introduces trusted IPs capabilities in the tracer, to allow specific IPs not to be blocked by ASM but still be monitored.
• ASM: This introduces a new capability to configure the blocking response of ASM. Users can change the default blocking response behavior or create new custom actions. Configuration of a custom blocking page or payload can still be provided by using DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON and DD_APPSEC_HTTP_BLOCKED_TEMPLATE_HTML to change the static files used for the response body. The action block, that can be defined in the static rule file or via remote configuration, allows now to create new custom blocking actions with any status code for the response.
• The aiopg and aiomysql integrations no longer set the sql.query tag on query spans. This tag duplicated the value captured by the span resource. Users who want to send this query unobfuscated can use the tracer API to set tags on the query span.
• data_streams: Starts tracking Kafka lag in seconds.
• kafka: Adds support for the Kafka serializing producer and deserializing consumer.
• profiling: allow individual collectors to be disabled.
• tracing: This change introduces the allow_false keyword argument to BaseSampler.sample(), which defaults to True. allow_false controls the function's return value. If allow_false is False, the function will always return True regardless of the sampling decision it made. This is useful when sample is called only for its side effects, which can include setting span tags.

Known Issues

• There are known issues configuring python's builtin multiprocessing library when ddtrace is installed. To use the multiprocessing library with ddtrace ensure DD_UNLOAD_MODULES_FROM_SITECUSTOMIZE is set to True.
• When running setup.py extensions with the CMake parameter "-j", it could potentially raise an out-of-memory error. If someone wants to expedite the ddtrace installation, they should manually set the "CMAKE_BUILD_PARALLEL_LEVEL" environment variable.

Bug Fixes

• ASM: avoid potentially unneeded import of the IAST native module.

• ASM: avoid potentially unneeded import of the IAST native module if setup doesn't build extensions correctly.

• data_streams: This fix resolves an issue where data stream context propagation would not propagate via SNS if raw message delivery was enabled.

• dynamic instrumentation: function duration measurements are now reported in milliseconds to match the expectation from the UI.

• dynamic instrumentation: fixed an issue that prevented line probes from being injected in some finally blocks.

• dynamic instrumentation: Fixed the programmatic API to ensure that the dynamic instrumentation service is fully enabled when Dynamic Instrumentation.enable() is called.

• dynamic instrumentation: fixed a bug that might have caused probe status to fail to update correctly.

• django: This fix resolves an issue where 'span.resource' would not include the endpoint when a Handler was interrupted, such as in the case of gunicorn worker timeouts.

• CI Visibility: fixes an issue where the Intelligent Test Runner would not work when in EVP proxy mode due to missing X-Datadog-NeedsAppKey header.

• CI Visibility: revert to using DD_CIVISIBILITY_ITR_ENABLED (instead of _DISABLED) to conform with other tracers.

• profiling: fixed a bug that prevented profiles from being correctly correlated to traces in gevent-based applications, thus causing code hotspot and end point data to be missing from the UI.

• docs: Fix undefined variable reference in otel documentation

• CI Visibility: fixes that Python 2.7 test results were not visible in UI due to improperly msgpack-ed data

• ASM: This fix resolves an issue where track_user_signup_event and track_custom_event where not correctly tagging the span. This could lead to the loss of some events in the sampling.

• appsec: Fixes an issue where ddtrace.appsec is imported and assumed to be available in all deployments of ddtrace

• lib-inject: This fix resolves an issue where libdl.so.2: cannot open shared object file: No such file or directory errors occurred when the
  injection image started.

• lib-injection: Resolves permissions errors raised when ddtrace packages are copied from the InitContainer to the shared volume.

• mariadb: This fix resolves an issue where MariaDB connection information objects not including the user or port caused exceptions to be raised.

• appsec: This fix resolves an issue in which the library attempted to finalize twice a context object used by the Application Security Management product.

• propagation: Prevent propagating unsupported non-ascii origin header values.

• pymongo: This upgrades the PyMongo integration to work with PyMongo versions 4.5.0 and above by choosing the root function of the integration on the basis of the PyMongo version.

• tracing: This fix resolves an issue where the _dd.p.dm and _dd.*_psr tags were applied to spans in ways that did not match their intended semantics, increasing the potential for metrics-counting bugs.

• ASM: This fix resolves issue where user information was only set in root span. Now span for user information can be selected.

• sqlalchemy: sqlalchemy rollbacks could previously cause intermittent deadlocks in some cases. To fix this DD_TRACE_SPAN_AGGREGATOR_RLOCK was introduced in 1.16.2 with the default as False. We are now changing the default to True.

• kafka: Resolves an issue where traced kafka connections were assigned a default timeout of 1 second. The default timeout in Consumer.poll(...) should be None.

• openai: This fix resolves an issue where errors during streamed requests resulted in unfinished spans.

Other Changes

• Adds a get_version method to each integration and updates the basic template for developing an integration to include this method. The get_version method returns the integration's package distribution version and is to be included in the APM Telemetry integrations payload.
• Add a ddtrace_iast_flask_patch function defined in ddtrace.appsec.iast to ensure that the main Flask app.py file is patched for IAST propagation. This function should be called before the app.run() call. You only need this if you have set DD_IAST_ENABLED=1. Only the main file needs to call this functions, other imported modules are automatically patched.
• docs: Fixes formatting in ddtrace docs.
• ASM: Improve default value of regex for query string obfuscation. Rename env var DD_TRACE_OBFUSCATION_QUERY_STRING_PATTERN to DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP.