Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update ddtrace requirement from ~=1.18 to ~=1.19 #780

Merged
merged 5 commits into from
Oct 31, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 19, 2023

Updates the requirements on ddtrace to permit the latest version.

Release notes

Sourced from ddtrace's releases.

1.19.0

Prelude

Vulnerability Management for Code-level (IAST) is now available in private beta. Use the environment variable DD_IAST_ENABLED=True to enable this feature.

New Features

  • Adds the db.row_count tag to redis and other redis-like integrations. The tag represents the number of returned results.
  • CI Visibility: adds test level visibility for unittest
  • ASM: Adds detection of insecure cookie vulnerabilities on responses.
  • ASM: This introduces trusted IPs capabilities in the tracer, to allow specific IPs not to be blocked by ASM but still be monitored.
  • ASM: This introduces a new capability to configure the blocking response of ASM. Users can change the default blocking response behavior or create new custom actions. Configuration of a custom blocking page or payload can still be provided by using DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON and DD_APPSEC_HTTP_BLOCKED_TEMPLATE_HTML to change the static files used for the response body. The action block, that can be defined in the static rule file or via remote configuration, allows now to create new custom blocking actions with any status code for the response.
  • The aiopg and aiomysql integrations no longer set the sql.query tag on query spans. This tag duplicated the value captured by the span resource. Users who want to send this query unobfuscated can use the tracer API to set tags on the query span.
  • data_streams: Starts tracking Kafka lag in seconds.
  • kafka: Adds support for the Kafka serializing producer and deserializing consumer.
  • profiling: allow individual collectors to be disabled.
  • tracing: This change introduces the allow_false keyword argument to BaseSampler.sample(), which defaults to True. allow_false controls the function's return value. If allow_false is False, the function will always return True regardless of the sampling decision it made. This is useful when sample is called only for its side effects, which can include setting span tags.

Known Issues

  • There are known issues configuring python's builtin multiprocessing library when ddtrace is installed. To use the multiprocessing library with ddtrace ensure DD_UNLOAD_MODULES_FROM_SITECUSTOMIZE is set to True.
  • When running setup.py extensions with the CMake parameter "-j", it could potentially raise an out-of-memory error. If someone wants to expedite the ddtrace installation, they should manually set the "CMAKE_BUILD_PARALLEL_LEVEL" environment variable.

Bug Fixes

  • ASM: avoid potentially unneeded import of the IAST native module.

  • ASM: avoid potentially unneeded import of the IAST native module if setup doesn't build extensions correctly.

  • data_streams: This fix resolves an issue where data stream context propagation would not propagate via SNS if raw message delivery was enabled.

  • dynamic instrumentation: function duration measurements are now reported in milliseconds to match the expectation from the UI.

  • dynamic instrumentation: fixed an issue that prevented line probes from being injected in some finally blocks.

  • dynamic instrumentation: Fixed the programmatic API to ensure that the dynamic instrumentation service is fully enabled when Dynamic Instrumentation.enable() is called.

  • dynamic instrumentation: fixed a bug that might have caused probe status to fail to update correctly.

  • django: This fix resolves an issue where 'span.resource' would not include the endpoint when a Handler was interrupted, such as in the case of gunicorn worker timeouts.

  • CI Visibility: fixes an issue where the Intelligent Test Runner would not work when in EVP proxy mode due to missing X-Datadog-NeedsAppKey header.

  • CI Visibility: revert to using DD_CIVISIBILITY_ITR_ENABLED (instead of _DISABLED) to conform with other tracers.

  • profiling: fixed a bug that prevented profiles from being correctly correlated to traces in gevent-based applications, thus causing code hotspot and end point data to be missing from the UI.

  • docs: Fix undefined variable reference in otel documentation

  • CI Visibility: fixes that Python 2.7 test results were not visible in UI due to improperly msgpack-ed data

... (truncated)

Changelog

Sourced from ddtrace's changelog.

Changelog

0.44.0+

Changelogs are now managed automatically by reno and located at https://ddtrace.readthedocs.io/en/stable/release_notes.html.


0.43.0 (5/10/2020)

  • fix(django): avoid mixing str and non-str args for uri helper
  • fix(asgi): tag 500-level responses as errors
  • fix(asgi): set http status when exception raised
  • fix(rediscluster): support rediscluster==2.1.0
  • fix(asyncio): enable patch by default
  • fix(asyncio): patch base event loop class
  • fix(vertica): use strings in __all__
  • feat(core): backport contextvars
  • fix(sanic): fix patching for sanic async http server (#1659)
  • fix(flask): make template patching idempotent
  • fix(core): Do not rate limit log lines when in debug
  • fix(profiling): Fix a potential deadlock on profiler restart after fork()

0.42.0 (14/09/2020)

  • feat(django): add database_service_name config option
  • feat: add global service name configuration for dbapi integrations
  • fix(falcon): set span error for 5xx responses
  • fix(core): always store span_type as str on span
  • feat(pymongo): trace tcp connections
  • fix(logging): cast span_id and trace_id as string when adding to the record.
  • fix(gevent): patch ssl modules on import
  • feat(core): add trace_utils module
  • fix(core): expose http setting on global config
  • feat(core): consolidate fork checks

0.41.2 (25/08/2020)

  • Fix for an issue introduced by patching classes in the MRO of a Django View class (#1625).

0.41.1 (25/08/2020)

  • reintroduce wrapt for patching Django view methods. (#1622)

... (truncated)

Commits
  • f9e090f fix(openai): ensure streamed spans with error are manually finished [backport...
  • 907289b chore(debugging): add RESUME to functions generated by DSL [backport 1.19] (#...
  • b4a7ee2 test(debugging): make RCM data flow synchronous [backport 1.19] (#6904)
  • 3376c7e chore(internal): reduce log volume from core api (#6886) [backport 1.19] (#6889)
  • abaf117 fix(kafka): ensures Consumer.poll is called with the expected arguments [back...
  • 68fc1f8 chore(ci): force setuptools_scm to use guess-next-dev version scheme in 1.19 ...
  • f36bb62 feat(iast): private beta release notes [backport 1.19] (#6895)
  • 648c7a2 chore(ci): fix precheck (#6882) [backport 1.19] (#6896)
  • 4ea0229 chore(telemetry): track agent connection configurations (#6824)
  • 43a395e ci(sqlalchemy/starlette): add back missing constant (#6879)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Updates the requirements on [ddtrace](https://github.com/DataDog/dd-trace-py) to permit the latest version.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/2.x/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v1.18.0...v1.19.0)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner September 19, 2023 12:05
@cla-bot cla-bot bot added the cla:yes label Sep 19, 2023
@github-actions
Copy link
Contributor

Thank you for your pull request! We could not find a changelog entry for this change. For details on how to document a change, see the dbt-snowflake contributing guide.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 20, 2023

A newer version of ddtrace exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

@mikealfare mikealfare merged commit 8e7a12e into main Oct 31, 2023
11 checks passed
@mikealfare mikealfare deleted the dependabot/pip/ddtrace-approx-eq-1.19 branch October 31, 2023 04:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants