1.47.1

Components

Continuous Integration Visibility

• 🐛 🍒 8521 - Fix NPE when calculating code coverage for Gradle projects with non-standard directory layout (#8546 - @nikita-tkachenko-datadog)

Tracer core

• ✨ 🍒 8544 - Make the default config sources more robust when a security manager is installed (#8545 - @mcculls)

1.47.0

Components

Application Security Management (IAST)

• 🐛 Exclude com.stripe.net.HttpURLConnectionClient to solve IAST SSRF vulnerability false positives (#8483 - @jandro996)
• 🐛 Add exclusion to solve IAST weak randomness vulnerability false positives (#8462 - @jandro996)
• ✨ Fix weak randomness false positive in Kafka client (#8408 - @smola)
• ✨ Fix location for SSRF with Kong Unirest (#8407 - @smola)
• ✨ Exclude IBM Instana from IAST (#8406 - @smola)
• 🐛 Fix org.json iast instrumentation test for latest dependency (#8347 - @jandro996)
• ✨ Configuration to Disable APM Tracing (#8219 - @jandro996)
• ✨ Address cookie vulnerability cardinality issues (#8210 - @jandro996)
• ✨ Email HTML Injection detection in IAST (#8205 - @sezen-datadog)

Application Security Management (WAF)

• 🐛✨ Ensure usr.exists tag is not overridden when UsernameNotFoundException is thrown (#8376 - @manuel-alvarez-alvarez)
• 🐛✨ Ensure usr.exists tag is not overridden by auto instrumentation (#8374 - @manuel-alvarez-alvarez)
• ✨ Update appsec metrics with event_rules_version tag (#8354 - @sezen-datadog)
• ✨ Update metrics: appsec.waf.requests (#8353 - @Mariovido)
• ✨ Improve ASM support in vert.x 5.0 (#8285 - @manuel-alvarez-alvarez)
• ✨ Update metrics: appsec.waf.updates and appsec.waf.init (#8280 - @Mariovido)
• ✨ Configuration to Disable APM Tracing (#8219 - @jandro996)

Build & Tooling

• 🐛 Do not generate Muzzle references for primitive arrays in method body (#8361 - @amarziali)
• 📖 Improve dev env setup documentation for Windows (#8180 - @lucaspimentel)

Continuous Integration Visibility

• ✨ Add support for skip-EFD tagging (#8487 - @nikita-tkachenko-datadog)
• 🐛 Fix an NPE in Gradle Android instrumentation (#8484 - @nikita-tkachenko-datadog)
• ✨ Consider modified tests when applying fail-fast tests ordering (#8474 - @nikita-tkachenko-datadog)
• ✨ Implement tests reordering for TestNG (#8467 - @nikita-tkachenko-datadog)
• 🐛 Fix Gradle Launcher instrumentation to not interfere with Gradle Test Kit (#8465 - @nikita-tkachenko-datadog)
• 🧹 Use separate TestEventHandlers per framework in CI Vis instrumentations (#8451 - @daniel-mohedano)
• ✨ Remove warning log when JUnit 4 test method cannot be retrieved (#8445 - @nikita-tkachenko-datadog)
• 🐛 Fix Scalatest tracing for tests that are reported asynchronously (#8444 - @nikita-tkachenko-datadog)
• ✨ Implement attempt to fix tests (#8393 - @daniel-mohedano)
• ✨ Implement test disabling (#8377 - @daniel-mohedano)
• ✨ Update CODEOWNERS parser to not log errors on comments with leading whitespace (#8349 - @nikita-tkachenko-datadog)
• ✨ Request Test Management tests list (#8345 - @daniel-mohedano)
• ✨ Receive test management settings from CIVis settings request (#8331 - @daniel-mohedano)
• ✨ Implement quarantined tests tagging (#8326 - @nikita-tkachenko-datadog)
• ✨ Implement tests quarantining (#8320 - @nikita-tkachenko-datadog)
• ✨ Add tag to specify if the user is setting DD_SERVICE (#8318 - @daniel-mohedano)

Crash tracking

• ✨ Only fork jps when required (#8419 - @mcculls)
• 🐛 Use Java home of the crashed process to launch crash uploader (#8348 - @jbachorik)

Data Streams Monitoring

• 🐛 Fix error happening when sqs message attributes are readonly (#8473 - @vandonr)
• 🐛 Fix bug on proto schema extraction (#8403 - @vandonr)
• 🐛 Fix service name overrides in consumers (#8387 - @piochelepiotr)

Database Monitoring

• ✨ Add DBMTracePreparedStatements to tracer configuration log (#8508 - @cecile75)

Dynamic Instrumentation

• ✨ Look in another location for grpc service methods (#8468 - @evanchooly)
• 🐛 Fix Exception Replay with Lambda proxy classes (#8452 - @jpbempel)
• ✨ Add code origin support for spring-webmvc (#8416 - @evanchooly)
• ✨ Add support for scanning jar from loaded class (#8370 - @jpbempel)
• 🐛 Disable capture of entry values (#8369 - @jpbempel)
• 🐛 Fix CodeOrigin for @Trace annotation (#8344 - @jpbempel)
• 🐛 Fix equals/hashCode for CodeOrigin probe (#8319 - @jpbempel)
• ✨ Add code origin support to kafka message listeners (#8301 - @evanchooly)

Metrics

• ✨ Create metric: appsec.waf.error (#8381 - @sezen-datadog)
• ✨ Create metric: appsec.rasp.error (#8364 - @sezen-datadog)

Profiling

• ✨ Bump ddprof library to 1.22.0 (#8463 - @jbachorik)
  • IBM J9 8u361 corresponds to OpenJDK 8u362 by @jbachorik in DataDog/java-profiler#187
  • Fix compatibility with musl libc 1.2.4 by @jbachorik in DataDog/java-profiler#189
  • Modify version extraction by @jbachorik in DataDog/java-profiler#179
  • Do not write null values to jvminfo event by @jbachorik in DataDog/java-profiler#184
  • Productize VMStructs-based stack walker by @jbachorik in DataDog/java-profiler#177
  • A few minor downport issues by @jbachorik in DataDog/java-profiler#180
  • Enable ASGCT by default on fairly safe J9 JDK versions by @jbachorik in DataDog/java-profiler#181
• 🐛 Exclude OrderedThreadPoolExecutor from queue-time measurements (#8456 - @jbachorik)
• ✨ Record JVM info on JVMs without JFR (#8431 - @jbachorik)
• 🐛 Actually use CleanupTask in TempLocationManager (#8420 - @mcculls)
• ✨ Only fork jps when required (#8419 - @mcculls)
• 🐛 Adjust JFR checks for J9 (#8405 - @jbachorik)
• 🧹 Disable smap RSS parsing by default (#8342 - @MattAlp)

Telemetry

• 🐛 Add support for JBoss jar:file format to DependencyResolver (#8428 - @jandro996)
• ✨ Update metrics: appsec.waf.requests (#8353 - @Mariovido)

Trace context propagation

• ✨ Introduce tracing propagator (#8313 - @PerfectSlayer)

Tracer core

• 🐛 Fix Stable Config telemetry source names (#8460 - @BaptisteFoy)
• ✨ Probe trace endpoints with a valid payload of empty arrays (#8414 - @mcculls)
• ✨ Add 1 minute fail-safe to JUL/JMX class-loading callback (#8399 - @mcculls)
• ✨ Migrate DSM injection calls to context-first APIs (#8383 - @PerfectSlayer)
• 🧹 Move continuation capture methods from scope to tracer (#8371 - @mcculls)
• ✨ Migrate context extraction calls to context-first APIs (#8368 - @PerfectSlayer)
• 🧹 Migrate context injection calls to context-first APIs (#8358 - @PerfectSlayer)
• 💡 Support reading configurations from files (#8338 - @mtoffl01)
• 💡 Implementation of BaggagePropagator and BaggageContext (#8330 - @mhlidd)
• 🧹 Combine continuation implementations into one which supports multiple activations (#8324 - @mcculls)
• ✨ Introduce tracing propagator (#8313 - @PerfectSlayer)
• ✨ Remove old context propagation API (#8271 - @PerfectSlayer)

Instrumentations

AWS Lambda instrumentation

• 🐛 Send error message and stack to Lambda extension (#8417 - @nhulston)

AWS SDK instrumentation

• 🐛 Fix error happening when sqs message attributes are readonly (#8473 - @vandonr)
• 💡 Inject trace context into AWS Step Functions input (#7585 - @DylanLovesCoffee)

Core Java language instrumentation

• ✨ Look in another location for grpc service methods (#8468 - @evanchooly)
• ✨ Add code origin support for spring-webmvc (#8416 - @evanchooly)
• 💡 Implementation of BaggagePropagator and BaggageContext (#8330 - @mhlidd)
• ✨ Add code origin support to kafka message listeners (#8301 - @evanchooly)

gRPC instrumentation

• ✨ Look in another location for grpc service methods (#8468 - @evanchooly)

Kafka instrumentation

• ✨ Add messaging.destination.name tag to kafka integrations (#8366 - @rarguelloF)

Protocol Buffer instrumentation

• 🐛 Fix bug on proto schema extraction (#8403 - @vandonr)

1.46.1

Components

Dynamic Instrumentation

• 🐛 🍒 8344 - Fix CodeOrigin for @trace annotation (#8425 - @evanchooly)
• 🐛 🍒 8369 - Disable capture of entry values (#8424 - @evanchooly)

Other changes

Library Injection

• 🐛 Address partial library copy failures causing failed application startups in k8s.

1.46.0

Known Bugs

Note

If you are experiencing issues with failed application startups in k8s, please update to the latest version.

Breaking Changes

Warning

jnr-unixsocket is now an external dependency of dd-trace-ot and must be included when deploying dd-trace-ot.

Note

The API TracerScope.setAsync(boolean), used to manually control asynchronous span propagation, does no more apply to the scope instance but to the active span scope.

Components

Application Security Management (IAST)

• 🐛 Fix String.replace instrumentation for IAST (#8281 - @Mariovido)
• ✨ Apply the standard nomenclature to the stacktrace configs (#8244 - @jandro996)
• 🐛 Exclude false positive weak randomness (#8232 - @jandro996)
• ✨ Propagation of translateEscapes of String class (#8186 - @sezen-datadog)
• ✨ Add security control metrics (#8175 - @jandro996)
• ✨ Increase IAST propagation to StringBuffer setLength (#8128 - @Mariovido)
• ✨ Add IAST taint tracking for DB values (#8072 - @Mariovido)

Application Security Management (WAF)

• 🐛 Prevents a NPE when there is no subscriber for user events (#8258 - @manuel-alvarez-alvarez)
• ✨ Apply the standard nomenclature to the stacktrace configs (#8244 - @jandro996)
• 🐛 Ensure cached subscriptions are cleared on reconfiguration via RC (#8229 - @manuel-alvarez-alvarez)
• ✨ Add support for session tracking in Vertx (#8167 - @manuel-alvarez-alvarez)
• ✨ Create span tag: _dd.appsec.rasp.timeout (#8269 - @Mariovido)

Build & Tooling

• 🐛 Ensure shaded helpers have unique names when injected into class-loaders (#8192 - @mcculls)

Configuration at Runtime

• 🐛 Remove filtering of DD_SERVICE and DD_ENV from the tracer (#8176 - @mhlidd)

Continuous Integration Visibility

• 🧹 Generalize TestRetryPolicy to TestExecutionPolicy (#8302 - @nikita-tkachenko-datadog)
• 🧹 Parallelize CI Visibility settings requests (#8299 - @nikita-tkachenko-datadog)
• 🧹 Generalize test retry logic (#8289 - @nikita-tkachenko-datadog)
• 🧹 Generalize tests skipping logic (#8288 - @nikita-tkachenko-datadog)
• 🧹 Remove skip and shouldBeSkipped methods from TestEventsHandler in favor of isSkippable (#8286 - @nikita-tkachenko-datadog)
• ✨⚡ Optimize Git repository information computation (#8270 - @dougqh)
• ✨ Always request known tests from the backend (#8268 - @nikita-tkachenko-datadog)
• ✨ Fix NPE when trying to get retry analyzer in Test NG (#8253 - @nikita-tkachenko-datadog)
• 🐛 Set test framework and test framework version tags atomically (#8252 - @nikita-tkachenko-datadog)
• ✨ Add debug logging to Android Gradle module layout logic (#8251 - @nikita-tkachenko-datadog)
• 🐛 Fix source and destination folders computation for Android Gradle projects (#8190 - @nikita-tkachenko-datadog)
• ✨ Add basic Scala Weaver sbt support (#8189 - @daniel-mohedano)
• ✨ Implement impacted tests detection (#8188 - @nikita-tkachenko-datadog)

Data Streams Monitoring

• ✨ Change hash computation for protobuf to better represent impacting changes + save proto number in schema (#8201 - @vandonr)

Database Monitoring

• Add peer service tag in dbm sql commenter (#7913 - @jordan-wong)

Dynamic Instrumentation

• ✨ Add support for SymDB to scan directories (#8306 - @jpbempel)
• ✨ Add SymDB report for any jar scanning failures (#8300 - @jpbempel)
• ✨ Use two budgets depending on type (#8283 - @evanchooly)
• ✨ Institute a 10 snapshot per probe per trace budget (#8277 - @evanchooly)
• 🐛 Avoid double snapshots for Exception Replay (#8273 - @jpbempel)
• ✨ Simplify code origins. Separate out snapshot generation. (#8263 - @evanchooly)
• ✨ Add Exception probe custom instrumentation (#8230 - @jpbempel)
• ✨ Enhance log probes to honor debug session tags (#8215 - @evanchooly)
• 🐛 Don't redact env tokens from debugger probe snapshots (#8211 - @watson)
• ✨⚡ Move Trace/SpanId capture at commit time (#8184 - @jpbempel)
• 🐛 Capture values at entry for method probe (#8169 - @jpbempel)

JMX fetch

• 🐛 Mute JMXFetch Shutdown in progress error (#8068 - @ygree)

OpenTracing

• ⚠️🧹 Make jnr-unixsocket an explicit dependency of dd-trace-ot (#8307 - @mcculls)

Profiling

• 🐛 Avoid unsupported API call for creating folders on windows (#8304 - @jbachorik)
• ✨ Tag profiles for serverless (#8279 - @jbachorik)
• ✨ add queue type and length to queue events (#8242 - @richardstartin)
• 🐛 TempLocationManager Fixes and Improvements (#8191 - @jbachorik)
• ✨ Bump ddprof to 1.18.0 (#8173 - @jbachorik)
• ✨ Report profiler initialization and configuration errors to telemetry (#8171 - @jbachorik)

Telemetry

• ✨ Add pending traces report in tracer flares (#8053 - @mhlidd)

Testing

• ✨ Test http server requests in parallel (#8222 - @amarziali)

Trace context propagation

• ✨ Add non default propagator registration (#8310 - @PerfectSlayer)

Tracer core

• ✨ Probe for existence of IBMSASL or ACCP security providers (#8276 - @mcculls)
• ✨⚡ Overhead improvement to agent feedback based sampling (#8265 - @dougqh)
• 🧹 Move async propagation API from scope to tracer (#8231 - @PerfectSlayer)
• ✨ Introduce context propagation API (#8161 - @PerfectSlayer)
• ✨🧪 Use env-entry to add tags per webapp deployment (#8138 - @amarziali)
• ✨ Introduce context helpers API (#8134 - @PerfectSlayer)
• ✨ Support IPv6 values for DD_AGENT_HOST and DD_TRACE_AGENT_URL (#7984 - @mhlidd)

Instrumentations

Apache HttpComponents

• 🐛 Properly finish spans and support latest apache httpclient5 (#8272 - @amarziali)

AWS Lambda instrumentation

• 🐛 Properly capture lambda payloads for all handler types. (#8264 - @purple4reina)

AWS S3 instrumentation

• 💡 Create S3 instrumentation + add span pointers (#8075 - @nhulston)

AWS SDK instrumentation

• 🐛 Revert "Add avoid double instrumenting lambda non-streaming handlers." (#8247 - @nhulston)

Cassandra

• ✨ Allow extracting keyspace from statement result (#8239 - @amarziali)

Core Java language instrumentation

• ✨ Propagation of translateEscapes of String class (#8186 - @sezen-datadog)

Eclipse Vert.x instrumentation

• 🐛 Fix vertx worker propagation and error handling (#8237 - @amarziali)
• ✨ Support vertx 5 (#8220 - @amarziali)
• ✨ Add support for session tracking in Vertx (#8167 - @manuel-alvarez-alvarez)

Kafka instrumentation

• 🐛 Prevent possible NPE calculating Kafka record header size (#8292 - @ygree)

Mule instrumentation

• 🐛 Fix crash using Mule with JPMS (#8187 - @amarziali)

Protocol Buffer instrumentation

• ✨ Change hash computation for protobuf to better represent impacting changes + save proto number in schema (#8201 - @vandonr)

Spring instrumentation

• 🐛 Preserve getQualifier from spring scheduling runnables (#8293 - @amarziali)

All other instrumentations

• Valkey instrumentation support (#8228 - @AhmadMasry - thanks for the contribution!)

1.45.2

Components

Application Security Management (WAF)

• 🐛 🍒 8258 - Prevents a NPE when there is no subscriber for user events (#8260 - @manuel-alvarez-alvarez)

1.45.1

Components

Build & Tooling

• 🐛 🍒 #8192 - Ensure shaded helpers have unique names when injected into class-loaders (#8193 - @mcculls)

Continuous Integration Visibility

• 🐛 🍒 #8190 - Fix source and destination folders computation for Android Gradle projects (#8194 - @nikita-tkachenko-datadog)

Profiling

• 🐛 🍒 #8173 - Bump ddprof to 1.18.0 (#8200 - @MattAlp)
• 🐛 🍒 #8191 - TempLocationManager Fixes and Improvements (#8199 - @jbachorik)

Instrumentations

Mulesoft

• 🐛 🍒 #8187 - Fix crash using Mule with JPMS (#8195 - @amarziali)

1.45.0

Breaking changes

Warning

Support for custom scope manager using OpenTelemetry tracer artifact (dd-trace-ot) is dropped.
Tracing with OpenTracing API and custom scope manager will continue to work on 1.44.x releases.

Components

Application Security Management (IAST)

• ✨ Add propagation to URI#toURL method (#8146 - @manuel-alvarez-alvarez)
• ✨ Increase IAST propagation to StringBuilder setLength (#8119 - @Mariovido)
• ✨ Increase IAST propagation to StringBuffer append (#8082 - @Mariovido)
• ✨ Handle IAST security controls custom validation and sanitization methods (#7997 - @jandro996)

Application Security Management (WAF)

• ✨ Update user lifecycle tracking to V3 (#8108 - @manuel-alvarez-alvarez)
• ✨ Exploit prevention for Shell Injection / Command Injection (#7615 - @jandro996)

Build & Tooling

• 💡 Support instrumentation of repackaged libraries (#8153 - @mcculls)
• ✨ Configure native image build setting for JDK-22 based GraalVM (#8092 - @MattAlp)

Database Monitoring

• ✨ Add full APM/DBM mode for Oracle (#8090 - @nenadnoveljic)

Dynamic Instrumentation

• 🐛 make local var hoisting disabled by default (#8158 - @jpbempel)
• 🐛 Fix var hoisting issue when no previous store (#8122 - @jpbempel)
• ✨ Only decorate spans without code origin information (#8105 - @evanchooly)
• 🐛 Fix suspend Kotlin methods instrumentation (#8080 - @jpbempel)
• 🐛 Fix class file version detection (#8057 - @jpbempel)

GraalVM native-image

• ✨ Configure native image build setting for JDK-22 based GraalVM (#8092 - @MattAlp)

ML Observability (LLMObs)

• ✨🧪 Add LLMObs configuration (#8076 - @gary-huang)

Metrics

• Bump integrations-core submodule to 7.60.0 (#8098 - @mcculls)
• Upgrade to java-dogstatsd-client v4.4.3 (#8096 - @mcculls)

OpenTracing

• ⚠️🧹 Remove custom scope manager support (#8164 - @PerfectSlayer)

Telemetry

• ✨ Retry telemetry requests if CI Visibility is enabled (#8147 - @nikita-tkachenko-datadog)
• ✨ Add configurable Dependency service resolution period (#8079 - @jandro996)

Testing

• 🐛 Remove restriction to not run vertx4 latest tests on java 17 (#8133 - @vandonr)

Tracer core

• ✨ Defer remote components to avoid OkHttp class-loading side-effects (#8131 - @mcculls)
• ✨ Improve Context API null handling and Javadoc (#8129 - @PerfectSlayer)
• 🐛⚡ Avoid performing blocking I/O operation on application thread (#8120 - @mcculls)
• 💡 Introduce a shared context component, independent of tracing (#8117 - @mcculls)
• ✨ Improves ServiceNameCollector (#8109 - @amarziali)
• Upgrade to ASM 9.7.1 (adds new constant for Java 24) (#8097 - @mcculls)
• 🐛 Dynamically evaluate service name for message consumers (#8088 - @amarziali)

Serverless

• 🐛 Add avoid double instrumenting lambda non-streaming handlers. (#8073 - @purple4reina)

Instrumentations

AWS SDK instrumentation

• 💡 Instrument EMR's relocated AWS SDK (#8157 - @mcculls)

Eclipse Vert.x instrumentation

• 🐛 Remove restriction to not run vertx4 latest tests on java 17 (#8133 - @vandonr)

JDBC instrumentation

• ✨ Add full APM/DBM mode for Oracle (#8090 - @nenadnoveljic)

Jetty instrumentation

• 🐛 Ensure jetty 12 has servlet.path starting with / (#8093 - @github-actions[bot])

JMS instrumentation

• 🧹 Re-use javax JMS module for jakarta namespace (#8155 - @mcculls)
• 🧹 Group javax.jms instrumentations under a single module (#8154 - @mcculls)

Reactor instrumentation

• 🐛 Reactor: early propagate span in context when subscribing (#8166 - @amarziali)

1.44.1

Components

Continuous Integration Visibility

• 🐛 Fix tracing JUnit5 tests in Maven projects with multiple forks (#8089 - @nikita-tkachenko-datadog)

1.44.0

Known Issues

Warning

This release contains a known issue that causes failures when using Test Optimization to trace JUnit 5 tests in a Maven project where Maven Surefire is configured with forkCount > 1.
The issue is fixed in v1.44.1

Breaking Changes

Warning

Support for X-Forwarded header is dropped from default client IP resolution.
It can still be re-activated using the dd.trace.client-ip-header=x-forwarded system property, or the DD_TRACE_CLIENT_IP_HEADER=x-forwarded environment variable. See #7946.

Components

Application Security Management (IAST)

• ✨ Set unexpected IAST exceptions to debug log level (#8044 - @smola)
• ✨ Increase IAST propagation to StringBuffer subSequence (#8038 - @Mariovido)
• ✨ Increase IAST propagation to StringBuilder subSequence (#8026 - @Mariovido)
• ✨ Add IAST propagation to String valueOf (#8013 - @Mariovido)
• ✨ Increase IAST propagation to StringBuilder append (#8010 - @Mariovido)
• ✨ Expand SSRF support in IAST to apache-httpclient-5 and apache-httpasyncclient-4 (#7920 - @Mariovido)

Build & Tooling

• ✨ Generate Muzzle classes for Groovy instrumentations (#8004 - @nikita-tkachenko-datadog)

Continuous Integration Visibility

• ✨ Support distributed traces in tests (#8078 - @nikita-tkachenko-datadog)
• ✨ Implement fail-fast tests ordering for JUnit 5 (#8055 - @nikita-tkachenko-datadog)
• ✨ Mark JUnit 5 setup and teardown action spans as failed if there is an error (#8033 - @nikita-tkachenko-datadog)
• ✨ Add tracing of setup and teardown actions in JUnit 4 (#8030 - @daniel-mohedano)

Crash tracking

• ✨ Improve crash tracking install logging (#8045 - @PerfectSlayer)

Data Streams Monitoring

• 🐛 Add Data Streams support in AWS SQS without raw message delivery (#8071 - @piochelepiotr)
• ✨ Add new tag for enabled products / features to DSM checkpoints (#8051 - @kr-igor)
• 💡 Instrument self hosted Kafka connectors (#7959 - @piochelepiotr)

Dynamic Instrumentation

• ✨ Add Micronaut 4 support for code origin for spans (#8039 - @jpbempel)
• ✨ Refactor probe matching for methods (#8021 - @jpbempel)
• ✨ Update the CodeOriginProbe fingerprint to not rely on a stack walk (#8016 - @evanchooly)
• ✨ Implement code origin support for grpc server entry spans (#7942 - @evanchooly)

GraalVM native-image

• 🐛 Update Graal build-time instrumentation config for TracePropagationStyle (#8065 - @MattAlp)
• 🐛 Fix NoClassDefFoundError: Could not initialize class DDSpanLink$EncoderHolder in Graal native-image (#8036 - @mcculls)
• 🐛🧹 Fix native-image generation of reactive applications (#8012 - @mcculls)

OpenTracing

• 🧹 Custom ScopeManagers are deprecated and will be removed in a future release of dd-trace-ot (#8058 - @mcculls)

Tracer core

• ✨🧪 Service naming: split by jee deployment (#8064 - @amarziali)
• ✨ Exclude jboss mdb proxies from instrumenting (#8061 - @amarziali)
• ✨ Add a built-in trace interceptor for keeping traces depending of their latency (#8040 - @cecile75)
• 💡 Introduce marker mechanism for eagerly initializing helpers (#8028 - @mcculls)
• 💡 Add JSON component (#7973 - @PerfectSlayer)
• ✨⚠️ Remove support for X-Forwarded in client IP resolution (#7946 - @smola)

Instrumentations

Apache HttpComponents

• ✨ Expand SSRF support in IAST to apache-httpclient-5 and apache-httpasyncclient-4 (#7920 - @Mariovido)

gRPC instrumentation

• 🐛 Use lower priorities for grpc server errors (#8043 - @amarziali)

JDBC instrumentation

• ✨ Add trace injection for prepared statements in Postgres (#7940 - @nenadnoveljic)

JMS instrumentation

• 🐛 Protect mdb from instrumenting multiple time the same event (#8062 - @amarziali)

Kafka instrumentation

• 💡 Instrument self hosted Kafka connectors (#7959 - @piochelepiotr)

OpenTelemetry instrumentation

• 🐛 Support using OpenTelemetry Event API inside @WithSpan annotated method (#8019 - @mcculls)

Reactor instrumentation

• 🐛🧹 Fix native-image generation of reactive applications (#8012 - @mcculls)

Spring instrumentation

• 🐛 Avoid double instrumenting lambdas on latest spring scheduling (#8005 - @amarziali)

All other instrumentations

• 🐛 Twilio: allow service name flattening (#8025 - @amarziali)
• ✨ Instrument Mulesoft 4.5.0+ (#7981 - @amarziali)

1.43.0

Components

Application Security Management (IAST)

• ✨ Add propagation to StringBuffer substring methods (#7992 - @Mariovido)
• 🐛 Fix issue with call sites in super calls to constructor (#7991 - @manuel-alvarez-alvarez)
• ✨ Add propagation to StringBuilder substring methods (#7980 - @Mariovido)
• 🐛 Reset IAST request context on root span published (#7969 - @manuel-alvarez-alvarez)
• ✨ Add propagation to String constructors with StringBuffer and StringBuilder (#7966 - @Mariovido)
• 🐛 Do not reset IAST concurrent request counter (#7963 - @smola)
• ✨ Exclude spark web from vulnerability locations (#7939 - @smola)
• 🐛 Exclude dev.failsafe from IAST instrumentation (#7938 - @smola)
• ✨ Exclude okio from vulnerability locations (#7937 - @smola)
• ✨ Expand SSRF support in IAST to java.net.http.HttpClient (#7877 - @Mariovido)
• Fix stack trace inconsistency between excluded frames in vulnerability location and metastruct stack trace (#7865 - @jandro996)
• ✨🧪 Add experimental taint propagation to the String replace, replaceFirst, replaceAll methods (#7741 - @Mariovido)

Application Security Management (WAF)

• Upgrade to libddwaf 1.21.0 (libddwaf-java 11.2.0) (#7993 - @ValentinZakharov)
• Updated ASM rules to 1.13.3 (#7976 - @ValentinZakharov)
• ✨ Prevent spans from having login success and failure events simultaneously (#7918 - @manuel-alvarez-alvarez)
• Add support for session tracking in jetty (#7837 - @manuel-alvarez-alvarez)
• Extend support for SSRF in exploit prevention (#7376 - @jandro996)

Build & Tooling

• ✨ Add JMXFetch to SSI Guardrails denylist (#7970 - @PerfectSlayer)
• 🐛 Remove SSI guardrails entries for hbase and hive (#7916 - @PerfectSlayer)

Continuous Integration Visibility

• 🐛 Instrument Gradle Launcher to avoid overwriting org.gradle.jvmargs property (#8001 - @nikita-tkachenko-datadog)
• Add source line tags to test suites (#7964 - @daniel-mohedano)

Crash tracking

• 🐛 Improve crashtracking support for older Bash versions (#7956 - @PerfectSlayer)
• ✨ Adjust crash upload timeout (#7905 - @dougqh)
• ✨ Use telemetry 'is_sensitive' attribute instead of redacting the crash stacktrace (#7899 - @jbachorik)

Data Streams Monitoring

• Support service name overrides for DSM (#7798 - @kr-igor)

Dynamic Instrumentation

• 🐛 Fix integer json parsing probe definition (#7957 - @jpbempel)
• 🐛 Fix NullPointerException Extracting Class symbols (#7934 - @jpbempel)
• ✨ Avoid duplicate class symbol extraction (#7919 - @jpbempel)
• Add outer exceptions support for Exception Replay (#7897 - @jpbempel)
• 🐛 Fix memory leak in Exception Replay (#7885 - @jpbempel)
• ✨ Consult the environment variable when setting the max users frames in code origin probes (#7881 - @evanchooly)

JMX fetch

• 🐛 Bump JMXFetch to 0.49.6 (#7927 - @carlosroman)

Profiling

• ✨ Common temporary location manager for profiling product (#7971 - @jbachorik)
• 🐛✨ Standardize some of the profiler sampling frequencies (#7961 - @MattAlp)
• ✨ enable SystemGC events (#7921 - @richardstartin)
• 🐛 Bump ddprof to 1.17.0 (#7915 - @jbachorik)
• ✨ paranoid exception handling when setting profiling thread context (#7903 - @richardstartin)

Telemetry

• ✨ Collect git metadata for telemetry (#7951 - @jpbempel)
• ✨ Fix dependency collection for new Spring Boot nested jars (#7931 - @smola)

Trace context propagation

• 🐛 Fix baggages mapping configuration when only keys are provided (#7972 - @cecile75)
• ✨ Updating Span Link creation due to header tag propagations for invalid spans (#7799 - @mhlidd)

Instrumentations

AWS Lambda instrumentation

• ✨ Increase lambda extension request timeout (#7986 - @nhulston)

AWS SDK instrumentation

• 🐛 Fix AWS Payload Tagging prefix generation related to SdkPojo (#7882 - @ygree)

Jetty instrumentation

• Add support for session tracking in jetty (#7837 - @manuel-alvarez-alvarez)

Kafka instrumentation

• 🐛 Reenable kafka 3.8 by default (#8007 - @nayeem-kamal)
• 🐛 Avoid double instrumentation of kafka-clients 3.8+ (#8006 - @mcculls)
• 🐛 Fix Kafka lag instrumentation for version 2.7 of Kafka (#7941 - @piochelepiotr)

Netty instrumentation

• 🐛 Finish netty span when request is cancelled (#7900 - @amarziali)

Reactor instrumentation

• 📖 Add reactor samples and doc (#7906 - @amarziali)
• 🐛 Protect currentContext access for reactor inner operators (#7883 - @amarziali)