1.39.0
github-actions released this 02 Sep 15:05
Components
Application Security Management (IAST)
- Do not skip ErrorReportValve.report in any case (#7489 - @smola)
- ✨ Suppress internal exceptions in tomcat stacktrace leak detection (#7488 - @smola)
- Add exclusions for openid4java and seasar frameworks (#7417 - @manuel-alvarez-alvarez)
- Add detection of untrusted deserialization in snakeyaml library (#7406 - @Mariovido)
- ✨ Fix propagation for Untrusted Deserialization vulnerability (#7374 - @Mariovido)
- Map JSP stack traces to file names (#7005 - @jandro996)
Application Security Management (WAF)
- Free AppSecRequestContext resources when the request ends (#7535 - @manuel-alvarez-alvarez)
- Make RASP addresses ephemeral (#7529 - @manuel-alvarez-alvarez)
- ✨ Set DD_APPSEC_RASP_ENABLED to true by default (#7528 - @smola)
- Fix call depth counter for sqli blocking (#7522 - @ValentinZakharov)
- Enable WAF generate_stack action by default (#7518 - @smola)
- ✨ Remove warning whenever we receive an unknown WAF address (#7482 - @smola)
- Add fingerprint support to the WAF (#7436 - @manuel-alvarez-alvarez)
- Upgrade to AppSec rules v1.13.0 (#7424 - @manuel-alvarez-alvarez)
- Add support for suspicious attacker blocking to appsec (#7401 - @manuel-alvarez-alvarez)
- Exploit prevention for SSRF (in java.net.URL) (#7373 - @manuel-alvarez-alvarez)
Cloud Workload Security (CWS)
- Make cws-tls use the same JNA dependency as instrumentations (#7412 - @bantonsson)
Continuous Integration Visibility
- Fix Gradle Daemon process detection (#7524 - @nikita-tkachenko-datadog)
- 🧹 Split Gradle instrumentations into different modules (#7523 - @nikita-tkachenko-datadog)
- Implement a fallback method for getting effective JVM for Maven Surefire executions (#7493 - @nikita-tkachenko-datadog)
- Fix Cucumber JUnit 4 instrumentation to support empty scenario names (#7470 - @nikita-tkachenko-datadog)
- Implement telemetry and global per-JVM limit for auto test retries (#7458 - @nikita-tkachenko-datadog)
- Fix Cucumber JUnit 4 instrumentation to correctly handle feature and scenario names with brackets (#7446 - @nikita-tkachenko-datadog)
- Fix Gradle instrumentation to support v8.10 (#7443 - @nikita-tkachenko-datadog)
- Fix Maven instrumentation to support command-line plugin goals invocation (#7430 - @nikita-tkachenko-datadog)
Crash tracking
- Make the warning in ScriptInitializer less scary (#7514 - @jbachorik)
- 🧹 Improving crash tracking script initialization error handling (#7427 - @PerfectSlayer)
- Fix crash-tracking uploader script overwrite warning (#7386 - @jbachorik)
Data Streams Monitoring
Database Monitoring
- Full mode for SQL Server (#7186 - @nenadnoveljic)
Dynamic Instrumentation
- Fix concurrent modification (#7469 - @jpbempel)
- Fix considering directory as jar file (#7459 - @jpbempel)
- ✨ Add exclusion predefined redaction keywords (#7457 - @jpbempel)
- Fix freeze context only for capturing line probe (#7456 - @jpbempel)
- Fix SymDB upload dropped requests (#7442 - @jpbempel)
- ✨ Add protobuf collections as safe ones (#7438 - @jpbempel)
- Fix Fingerprinter thread safety (#7429 - @jpbempel)
- Add modifiers for extracting symbols (#7420 - @jpbempel)
- ✨ Add support for enum value comparison (#7418 - @jpbempel)
GraalVM native-image
- Avoid RemoteHostnameAdder.config resolution error when building Quarkus native images (#7480 - @mcculls)
- Fix ClassNotFoundException: net.jpountz.lz4.LZ4JavaSafeCompressor when instrumenting Kafka 3.7 with Quarkus native (#7404 - @mcculls)
- Fix unresolved field error when instrumenting Kafka 3.7 with Quarkus native (#7403 - @mcculls)
JMX fetch
- Bump JmxFetch to 0.49.4 (#7501 - @amarziali)
Metrics
Profiling
- Log a warning when profiling enablement is misconfigured. (#7511 - @jbachorik)
- Emit recording setting events for SSI details (#7507 - @jbachorik)
- Update ddprof to 1.13.0 (#7471 - @r1viollet)
- Allow subsampling the liveheap profiling data (#7380 - @jbachorik)
Telemetry
- Enable telemetry logs for services using AppSec (#7534 - @smola)
- Enable telemetry logs for a subset of Java versions (#7475 - @PerfectSlayer)
- Tag span metrics with 'otel.library' when we know it was created by an OTel extension (#7463 - @mcculls)
- ✨ Reduce telemetry log messages per minute to 10 (#7410 - @smola)
- ✨ Add Otel env var telemetry (#7391 - @cecile75)
- ✨ Add telemetry app product change message (#7348 - @jandro996)
- Adding InitializationTelemetry - e.g. guard rails reporting (#7287 - @dougqh)
Trace context propagation
- ✨ Use W3C Trace Context trace ID as parent ID regardless of propagation style order (#7355 - @mtoffl01)
Tracer core
- Avoid using stdout to report bootstrapping errors (#7432 - @PerfectSlayer)
- Add _dd.tracer_host to local root spans (#7388 - @amarziali)
Instrumentations
Apache Spark instrumentation
- Allow instrumented Spark trace linked to Openlineage originated context (#7450 - @yiliangzhou)
Armeria Instrumentation
AWS SDK instrumentation
gRPC instrumentation
- Fix grpc server error mark (#7505 - @amarziali)
JDBC instrumentation
- Don't leak calldepth threadlocal on statements (#7472 - @amarziali)
- Do not leak call depth threadlocal in jdbc instrumentation (#7468 - @amarziali)
- Fix exception handling for SQL Server full mode (#7405 - @nenadnoveljic)
- Full mode for SQL Server (#7186 - @nenadnoveljic)
OpenTelemetry instrumentation
- OpenTelemetry drop-in fixes for Apache Pulsar (#7500 - @mcculls)
- OpenTelemetry drop-in fixes for Apache Dubbo (#7499 - @mcculls)
- OpenTelemetry drop-in fixes for Armeria HTTP (#7498 - @mcculls)
- Tag span metrics with 'otel.library' when we know it was created by an OTel extension (#7463 - @mcculls)
- OpenTelemetry drop-in fixes for r2dbc (#7444 - @mcculls)
All other instrumentations
- OpenTelemetry drop-in fixes for Apache Pulsar (#7500 - @mcculls)
- OpenTelemetry drop-in fixes for Apache Dubbo (#7499 - @mcculls)
- Apache http client 4: do not copy all request headers on redirect (#7483 - @amarziali)
- Avoid finishing twice a servlet 3 async dispatch span (#7395 - @amarziali)