1.22.0

Breaking Changes

⚠️ This release contains a change in the normalization of resource names with spaces.
See #5968 for further notes on details and the feature flag to revert back to the old behavior.

Components

Application Security Management (IAST)

• Handle serialization exceptions in IAST (#6102 - @smola)
• 🐛 Fix NPE in IAST evidence redaction (#6099 - @smola)
• Protect EvidenceAdapter against invalid ranges (#6071 - @jandro996)
• Changed HttpServletRequest.getRequestURI reported source to http.request.path (#6066 - @DDJavierSantos)
• Ensure that iast json tag does not exceed the maximum allowed (#5987 - @jandro996)
• Limit the max number of ranges for a tainted value (#5986 - @manuel-alvarez-alvarez)
• Truncate long String values in IAST Vulnerabilities (#5975 - @jandro996)
• 🐛 Fix issue redacting consecutive tainted values (#5969 - @manuel-alvarez-alvarez)
• 🐛 Fix the X-Content-Type-Options header string (#5950 - @DDJavierSantos)
• Add tainted range based redaction for XSS vulnerabilities (#5948 - @jandro996)
• ✨ Add redefinition listener to disable taintable visitor in case of failure (#5928 - @manuel-alvarez-alvarez)
• Update IAST vulnerability hash (#5926 - @jandro996)
• Add multipart support as IAST source for servlet (#5918 - @DDJavierSantos)
• Add propagation support to GRPC request payloads (#5894 - @manuel-alvarez-alvarez)
• Support servlet getRequestURI/getPathTranslated/getPathInfo as IAST sources (#5814 - @DDJavierSantos)

Application Security Management (WAF)

• Akka: skip synthetic header Raw-Request-Uri (#6101 - @cataphract)
• Update obfuscation query string regex (#6095 - @ValentinZakharov)
• Fix AppSec-related problems in akka-http (#5989 - @cataphract)
• ⚠️ Appsec support for Play 2.5+ (#5968 - @cataphract)
• Added trusted IPs protocol (#5952 - @ValentinZakharov)
• 🐛 Fix blocking in netty 3.8 (#5947 - @cataphract)
• Added Api Security request data classification (#5942 - @ValentinZakharov)
• Add support of all rule tags in AppSec event reports (#5939 - @ValentinZakharov)
• Add API Security request schema extraction (#5888 - @ValentinZakharov)
• ASM WAF support for Akka HTTP (#5855 - @cataphract)

Build & Tooling

• Make sure internal 'datadog.trace.api.Functions' class is relocated in dd-trace-ot (#6005 - @mcculls)

Continuous Integration Visibility

• 🐛 Fix tracer logging when instrumenting Gradle Daemon (#6080 - @nikita-tkachenko-datadog)
• Add support for Karate testing framework (#6041 - @nikita-tkachenko-datadog)
• Add support for AWS CodePipeline CI provider (#6027 - @nikita-tkachenko-datadog)
• Remove application key header from settings and ITR requests (#5949 - @nikita-tkachenko-datadog)
• 🐛 Update Git unshallow logic to handle cases when HEAD points to a local-only commit (#5934 - @nikita-tkachenko-datadog)
• 🐛 Fix module coverage calculation issue where data from one module could influence data from another module (#5931 - @nikita-tkachenko-datadog)
• 🧹 Split JUnit 5 instrumentation logic into framework-specific modules (#5907 - @nikita-tkachenko-datadog)
• Implement ITR unskippable tests for TestNG (#5889 - @nikita-tkachenko-datadog)
• Imlpement ITR unskippable tests for JUnit 4 (#5882 - @nikita-tkachenko-datadog)
• 🧹 Create separate modules for test framework instrumentations based on JUnit 4 (#5875 - @nikita-tkachenko-datadog)
• Imlpement ITR unskippable tests for JUnit 5 (#5874 - @nikita-tkachenko-datadog)
• ⚡ Update Jacoco instrumentation logic to use static method handles instead of reflection (#5845 - @nikita-tkachenko-datadog)
• ✨ Automatically configure list of packages for Jacoco instrumentation (#5835 - @nikita-tkachenko-datadog)

Data Streams Monitoring

• Avoid potential deadlock in DefaultDataStreamsMonitoring on tracer shutdown (#6011 - @mcculls)
• ✨ Add DSM API changes to support kinesis use case (#6001 - @devinsba)
• ✨ Add DSM implementation for kinesis in SDKv1 (#5981 - @devinsba)
• ✨ Add DSM implementation for kinesis in SDKv2 (#5966 - @devinsba)

Dynamic Instrumentation

• 🐛 Fix sampling with probe condition (#6086 - @jpbempel)
• ✨ Add config for custom redacted types (#6059 - @jpbempel)
• ✨ Add config fo custom redacted identifiers (#6053 - @jpbempel)
• ✨ Introduce PII redaction based on keywords (#6048 - @jpbempel)
• 🐛 Disable sampling for span decoration probe (#6006 - @jpbempel)
• ✨ Introduce symbol extraction for debugger (#6004 - @jpbempel)
• 🐛 Fix race condition for applying probe rate limits (#5988 - @jpbempel)
• Fix boolean expression eval as template parameter (#5971 - @jpbempel)
• 🐛 Prevent calling size method from unknown classes (#5946 - @jpbempel)

GraalVM native-image

• Mark some default services as off during native-image build (#6079 - @mcculls)
• Skip task scope creation for Graal VMOperation threads (#6078 - @mcculls)
• Relocate OkHttp to avoid conflicts (#6018 - @luneo7 - thanks for the contribution!)
• Register that we will reflect on ConcurrentHashMap constructor at runtime (#5924 - @mcculls)

Metrics

• Support StatsD client tuning (#6043 - @mcculls)

Profiling

• add heap histogram option (#6076 - @richardstartin)
• Expose omit linenumbers mode for profiler (#6040 - @richardstartin)
• Upgrade to ddprof 0.81.0 (#6039 - @richardstartin)
• Do not record queue time before JFR is initialised (#5977 - @richardstartin)
• Upgrade to ddprof 0.79.0 (#5965 - @richardstartin)
• 🐛 fix wallclock profiler enablement logic (#5960 - @richardstartin)
• Enable jdk.ZAllocationStall event (#5954 - @richardstartin)
• Register netty event loops known to do IO for wallclock profiling (#5944 - @richardstartin)
• Propagate span into lettuce CommandHandler event loop (#5936 - @richardstartin)
• Do not start profiler if running in AWS Lambda. (#5891 - @purple4reina)

Telemetry

• 🐛 Fix dependency service for spaced paths (#6051 - @ygree)
• Flush telemetry data on JVM shutdown (#5943 - @nikita-tkachenko-datadog)

Tracer core

• Skip attaching the tracer to the keytool command (#6096 - @mcculls)
• 🧪 Service naming: use the root service instead DD_SERVICE when flattening (#5959 - @amarziali)
• Flush telemetry data on JVM shutdown (#5943 - @nikita-tkachenko-datadog)
• 🐛 Fix baggage HTTP header encoding (#5927 - @PerfectSlayer)

Instrumentations

Apache Spark instrumentation

• Add support for scala 2.13 for spark instrumentation (#6054 - @paul-laffon-dd)
• Rename spark streaming query attributes (#6029 - @paul-laffon-dd)
• Add spark streaming watermark gap metric (#5979 - @paul-laffon-dd)
• Add Databricks default service name if not set by the user (#5961 - @paul-laffon-dd)
• ⚠️ Rename operation name spark.batch to spark.streaming_batch (#5953 - @paul-laffon-dd)

Armeria Instrumentation

• ✨ Add support for armeria-grpc (#5819 - @devinsba)

AWS SDK instrumentation

• 🐛 AWS set reponse status on error (#6055 - @ygree)
• ✨ Add DSM implementation for kinesis in SDKv1 (#5981 - @devinsba)
• ✨ Add DSM implementation for kinesis in SDKv2 (#5966 - @devinsba)
• ✨ Extract trace context from embedded SQS message attribute '_datadog' (#5920 - @mcculls)

gRPC instrumentation

• Register netty event loops known to do IO for wallclock profiling (#5944 - @richardstartin)
• ✨ Add support for armeria-grpc (#5819 - @devinsba)

JDBC instrumentation

• Add dd.trace.db.client.split-by-host Config (#4094 - @shunyy - thanks for the contribution!)

Lettuce instrumentation

• Register netty event loops known to do IO for wallclock profiling (#5944 - @richardstartin)
• Propagate span into lettuce CommandHandler event loop (#5936 - @richardstartin)

Netty instrumentation

• Register netty event loops known to do IO for wallclock profiling (#5944 - @richardstartin)

OpenTelemetry instrumentation

• ✨ Improve OpenTelemetry span attributes encoding (#5980 - @PerfectSlayer)
• ✨ Add support for OpenTelemetry root context manipulation (#5970 - @PerfectSlayer)
• ✨ Add OpenTelemetry context propagator instrumentation support (#5962 - @PerfectSlayer)

Play Framework instrumentation

• 🐛 Fix play-2.6 reporting header ip as peer IP (#6014 - @cataphract)

Trace annotations instrumentation

• ✨ Support @Trace(noParent=true) to always start a new trace at that method (#6032 - @mcculls)

All other instrumentations

• Add weblogic.net.http.HttpURLConnection to list of traced connection classes (#6047 - @mcculls)
• Support tracing of custom (non-JDK) HttpURLConnection implementations (#6046 - @mcculls)
• Skip falling back to 'org.apache.jasper.servlet.JasperLoader.loadClass' (#5998 - @mcculls)
• Use package prefix to direct search for helper dependencies in OSGi (#5973 - @mcculls)
• Openliberty jakarta integration (#5652 - @nayeem-kamal)