1.6.0rc3

Bug Fixes

• tracing: make ddtrace.context.Context serializable which fixes distributed tracing across processes.
• flask: add support for flask v2.3. Remove deprecated usages of flask._app_ctx_stack and flask._request_ctx_stack.

1.6.0rc2

Prelude

Initial library support has been added for Python 3.11. Continuous Profiler and Dynamic Instrumentation are not yet compatible and must be disabled in order to use the library with Python 3.11. Support for Continuous Profiler and Dynamic Instrumentation will be added in a future release. For full Python 3.11 support status please see: #4149

Application Security Management (ASM) has added support for preventing attacks by blocking malicious IPs using one click within Datadog.

NOTE: One click activation for ASM is currently in beta.

Dynamic instrumentation allows instrumenting a running service dynamically to extract runtime information that could be useful for, e.g., debugging purposes, or to add extra metrics without having to make code changes and re-deploy the service. See https://ddtrace.readthedocs.io/en/stable/configuration.html for more details.

New Features

• ASM: now http.client_ip and network.client.ip will only be collected if ASM is enabled.
• tracer: added support for Python 3.11.
• ASM: add support for one click activation using Remote Configuration Management (RCM). Set DD_REMOTE_CONFIGURATION_ENABLED=true to enable this feature.
• ASM: ip address collection will be enabled if not explicitly disabled and appsec is enabled.
• tracing: HTTP query string tagged by default in http.url tag (sensitive query strings will be obfuscated).
• Django: set usr.id tag by default if request.user is authenticated.
• dynamic instrumentation: Introduced the public interface for the dynamic instrumentation service. See https://ddtrace.readthedocs.io/en/stable/configuration.html for more details.
• Add Span.set_tag_str() as an alternative to the overloaded functionality of Span.set_tag() when the value can be coerced to unicode text.
• Enable telemetry <Instrumentation Telemetry> collection when tracing is enabled.

Upgrade Notes

• Python 3.11: Continuous Profiler and Dynamic Instrumentation must be disabled as they do not currently support Python 3.11.

Bug Fixes

• Fix issue with attrs and contextlib2 version constraints for Python 2.7.
• ASM: only report actor.ip on attack.
• aioredis: added exception handling for CancelledError in the aioredis integration.
• CI Visibility: fixed AppVeyor integration not extracting the full commit message.
• Add iterable methods on TracedCursor. Previously these were not present and would cause iterable usage of cursors in DB API integrations to fail.
• Fix parsing of the DD_TAGS environment variable value to include support for values with colons (e.g. URLs). Also fixed the parsing of invalid tags that begin with a space (e.g. DD_TAGS=" key:val" will now produce a tag with label key, instead of  key, and value val).
• opentracing: don't raise an exception when distributed tracing headers are not present when attempting to extract.
• sqlite3: fix error when using connection.backup method.
• Change dependency from backport_ipaddress` toipaddress. Only installipaddress`` for Python < 3.7.
• gevent: disable gevent after fork hook which could result in a performance regression.
• profiling: restart automatically on all Python versions.
• profiling: fixes an issue with Gunicorn child processes not storing profiling events.
• wsgi: when using more than one nested wsgi traced middleware in the same app ensure wsgi spans have the correct parenting.

Other Notes

• tracing: add http.route tag to root span for Flask framework.

1.5.3

Bug Fixes

• Fix issue with attrs and contextlib2 version constraints for Python 2.7.
• ASM: only report actor.ip on attack.

1.6.0rc1

Prelude

Dynamic instrumentation allows instrumenting a running service dynamically to extract runtime information that could be useful for, e.g., debugging purposes, or to add extra metrics without having to make code changes and re-deploy the service.

New Features

• ASM: 1-click activation with RCM.
• ASM: ip address collection will be enabled if not explicitly disabled and appsec is enabled.
• ASM: HTTP query string tagged by default in http.url (sensitive query strings obfuscated).
• ASM: add http.route for Python Flask.
• Django: set usr.id tag by default if request.user is authenticated.
• Introduced the public interface for the dynamic instrumentation service. See Configuration for more details.
• IAST: Add new env var DD_IAST_ENABLED.
• IAST: detect and report weak hash vulnerabilities.
• Add Span.set_tag_str() as an alternative to the overloaded functionality of Span.set_tag() when the value can be coerced to unicode text.

Upgrade Notes

• Pin attrs dependency to version >=20 due to incompatibility with cattrs version 22.1.0.
• Use Span.set_tag_str() instead of Span.set_tag() when the tag value is a text type as a performance optimizations in manual instrumentation.

Bug Fixes

• ASM: only report actor.ip on attack.
• ASM: fix a conflict with another backport of ipaddress by using the same lib. Add a test.
• aioredis: added exception handling for CancelledError in the aioredis integration.
• CI Visibility: fixed AppVeyor integration not extracting the full commit message.
• Add iterable methods on TracedCursor. Previously these were not present and would cause iterable usage of cursors in DB API integrations to fail.
• Fix parsing of the DD_TAGS environment variable value to include support for values with colons (e.g. URLs). Also fixed the parsing of invalid tags that begin with a space (e.g. DD_TAGS=" key:val" will now produce a tag with label key, instead of key, and value val).
• opentracing: don't raise an exception when distributed tracing headers are not present when attempting to extract.
• sqlite3: fix error when using connection.backup method.
• Only install ipaddress dependency for Python < 3.7
• gevent: disable gevent after fork hook which could result in a performance regression.
• profiling: restart automatically on all Python versions.
• profiling: fixes an issue with Gunicorn child processes not storing profiling events.
• wsgi: when tracing more than one wsgi app within the same process ensure wsgi spans have the correct parenting.

1.5.2

Bug Fixes

• Only install ipaddress dependency for Python < 3.7

1.5.1

Bug Fixes

• dbapi: add iterable methods on TracedCursor. Previously these were not present and would cause iterable usage of cursors in DB API integrations to fail.
• sqlite3: fix error when using connection.backup method.
• gevent: disable gevent after fork hook which could result in a performance regression.

1.5.0

Prelude

Dynamic instrumentation allows instrumenting a running service dynamically to extract runtime information that could be useful for, e.g., debugging purposes, or to add extra metrics without having to make code changes and re-deploy the service.

New Features

• Introduced the public interface for the dynamic instrumentation service. See Configuration for more details.
• Enable telemetry collection when tracing is enabled.
• graphene: add support for graphene>=2. See the graphql documentation for more information.
• Add support for aiobotocore 1.x and 2.x.
• ASM: add user information to traces.
• ASM: collect http client_ip.
• ASM: configure the sensitive data obfuscator.
• ASM: Detect attacks on Pylons body.
• ASM: propagate user id.
• ASM: Support In-App WAF metrics report.
• Collect user agent in normalized span tag http.useragent.
• ASM: Detect attacks on XML body (for Django, Pylons and Flask).
• Adds support for Lambda profiling, which can be enabled by starting the profiler outside of the handler (on cold start).
• profiler: collect and export the class name for the wall time, CPU time and lock profiles, when available.
• add DD_PYMONGO_SERVICE configuration
• ASM: Redact sensitive query strings if sent in http.url.
• redis: track the connection client_name.
• rediscluster: add service name configuration with DD_REDISCLUSTER_SERVICE
• snowflake: add snowflake query id tag to sql.query span

Bug Fixes

• Fix parsing of the DD_TAGS environment variable value to include support for values with colons (e.g. URLs). Also fixed the parsing of invalid tags that begin with a space (e.g. DD_TAGS=" key:val" will now produce a tag with label key, instead of key, and value val).
• ASM: fix a conflict with another backport of ipaddress by using the same lib.
• aioredis: added exception handling for CancelledError in the aioredis integration.
• aiohttp_jinja2: use app_key to look up templates.
• ASM: (flask) avoid json decode error while parsing request body.
• ASM: fix Python 2 error reading WAF rules.
• ASM: reset wsgi input after reading.
• tracing: fix handling of unicode _dd.origin tag for Python 2
• tracing: fix nested web frameworks re-extracting and activating HTTP context propagation headers.
• requests: fix split-by-domain service name when multiple @ signs are present in the url
• profiling: internal use of RLock needs to ensure original threading locks are used rather than gevent threading lock. Because of an indirection in the initialization of the original RLock, we end up getting an underlying gevent lock. We work around this behavior with gevent by creating a patched RLock for use internally.
• profiler: Remove lock for data structure linking threads to spans to avoid deadlocks with the trade-off of correctness of spans linked to threads by stack profiler at a given point in time.
• profiling: fix a possible deadlock due to spans being activated unexpectedly.

1.5.0rc3

Bug Fixes

• ASM: fix a conflict with another backport of ipaddress by using the same lib.

1.3.8

Bug Fixes

• Fix parsing of the DD_TAGS environment variable value to include support for values with colons (e.g. URLs). Also fixed the parsing of invalid tags that begin with a space (e.g. DD_TAGS=" key:val" will now produce a tag with label key, instead of key, and value val).

1.5.0rc2

Prelude

Dynamic instrumentation allows instrumenting a running service dynamically to extract runtime information that could be useful for, e.g., debugging purposes, or to add extra metrics without having to make code changes and re-deploy the service.

New Features

• Introduced the public interface for the dynamic instrumentation service. See Configuration for more details.
• Enable telemetry collection when tracing is enabled.