Skip to content

Bump ddtrace from 2.1.7 to 2.6.5 #77

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

Bump ddtrace from 2.1.7 to 2.6.5 #77

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Feb 22, 2024

Bumps ddtrace from 2.1.7 to 2.6.5.

Release notes

Sourced from ddtrace's releases.

2.6.5

Bug Fixes

  • Vulnerability Management for Code-level (IAST): fix potentially empty ranges after executing the decode aspect.
  • Vulnerability Management for Code-level (IAST): Fixes an issue where requests stopped being analyzed after some time due.

2.6.4

Bug Fixes

  • CI Visibility: fixes issues with pytest~=8.0 that would case crashes in certain scenarios, and returned different module names
  • CI Visibility: fix a potential crash for CPython<3.10 when a socket.timeout error was raised instead of the expected TimeoutError during CI Visibility API requests
  • profiling: fixes an issue that could have caused the profiler to stop if unable to determine the class name of a profiled function with CPython 3.11 and newer.

2.6.3

Bug Fixes

  • tracing: This fix resolves an issue where previously some traces that were not sampled were not sent to the trace-agent, possibly affecting metrics. With this fix, all traces are sent to the agent.
  • ASM: This fix resolves an issue where rules updated through remote config were not properly updating required waf addresses. This could lead to custom rules being ignored.

2.6.2

Bug Fixes

  • botocore: Fixes bug where SQS and Kinesis results and errors were not recorded when DD_BOTOCORE_EMPTY_POLL_ENABLED=false. config.botocore.empty_poll_enabled=false and no records were found.
  • tracing: Resolves telemetry import error raised when DD_INSTRUMENTATION_TELEMETRY_ENABLED is set to False.

2.6.1

Bug Fixes

  • botocore: Fixes bug that was causing spans to be created when DD_BOTOCORE_EMPTY_POLL_ENABLED=false is set and sqs.receiveMessage and kinesis.getRecords operations return no records.
  • CI Visibility: This fix makes the CI Visibility system resilient to RuntimeErrors that can occur between pytest tests with coverage enabled.
  • Vulnerability Management for Code-level (IAST): don't patch BytesIO since we don't have any aspects for it.
  • Vulnerability Management for Code-level (IAST): Fixes issues derived from AST patching code with type annotations.

2.6.0

Upgrade Notes

  • CI Visibility: DD_CIVISIBILITY_ITR_ENABLED now defaults to true, and the Datadog API (configured via the Datadog dashboard) now determines whether code coverage and test skipping are enabled.
  • CI Visibility: the CI Visibility service is no longer enabled when the initial query to the Datadog test service settings API fails due to a 403 status code.

New Features

  • botocore: Adds optional feature to propagate context between producers and consumers for AWS SQS, AWS SNS, and AWS Kinesis via DD_BOTOCORE_PROPAGATION_ENABLED environment variable. Adds optional feature to disable tracing of AWS SQS poll() operation and AWS Kinesis 'get_records()' operation when no data is consumed via DD_BOTOCORE_EMPTY_POLL_ENABLED environment variable.
  • tracing: Adds new tag python_main_package containing the name of the main package of the application.
  • profiling: Adds new tag python_main_package containing the name of the main package of the application.
  • ASM: API Security schema collection is now officially supported for Django, Flask and FastAPI. It is enabled by default and can be disabled in the tracer using environment variable DD_API_SECURITY_ENABLED=false It will only be active when ASM is also enabled.

... (truncated)

Commits
  • 3074740 fix(iast): improve overhead control logic (#8452) (#8495)
  • 35f23e3 ci(iast): remove unmatched pattern from suitespec [backport 2.6] (#8490)
  • ca697fd fix: fix decode empty ranges [backport 2.6] (#8485)
  • 831e403 fix(profiling): handle exceptions in class name extraction [backport 2.6] (#8...
  • 8d2e0c0 fix(ci_visibility): support pytest 8.0.0 [backport 2.6] (#8475)
  • d3c559b fix(ci_visibility): catch socket.timeouterrors ... generated by python<3.10 [...
  • b61deff fix(asm): update required address when new rules are updated [backport 2.6] (...
  • 36f3bb0 ci: get latest commit message to look for itr:noskip [backport 2.6] (#8411)
  • 69b18ea fix(tracing): return trace regardless of sampling decision unless stats comp ...
  • e06ed1e ci: add missing sampling snapshot test [backport 2.6] (#8412)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump ddtrace from 2.1.7 to 2.6.5
6bcec47 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-py) from 2.1.7 to 2.6.5.
- [Release notes](https://github.com/DataDog/dd-trace-py/releases)
- [Changelog](https://github.com/DataDog/dd-trace-py/blob/main/CHANGELOG.md)
- [Commits](DataDog/dd-trace-py@v2.1.7...v2.6.5)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 22, 2024
@dependabot dependabot bot mentioned this pull request Feb 22, 2024
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Mar 1, 2024

Superseded by #78.

@dependabot dependabot bot closed this Mar 1, 2024
@dependabot dependabot bot deleted the dependabot/pip/ddtrace-2.6.5 branch March 1, 2024 21:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants