2.51.0

Summary

• [APM] Fix rare TypeLoadException when running instrumented code
• [APM] Fix issue with runtime metrics that could cause memory usage to be reported as negative on x86
• [IAST] Directory listing leak vulnerability detection (Kestrel)
• [ASM] RASP: SSRF blocking. LFi reporting.
• [CI Visibility] Early Flake Detection
• [CI Visibility] Selenium + RUM support
• [Dynamic Instrumentation] Supporting putting a probe in a method which uses a pointer and pinned local variable
• [Profiler] Several fixes

Changes

Tracer

• Encode the last seen Datadog span ID within tracestate (#5176)
• Check to ignore Activity when creating TraceID (#5318)
• read variable responsible for enabling SCA (#5432)
• Fix sending Content-Length: 0 when using chunked-encoding (#5445)
• Add full support for multipart form requests (#5448)
• Avoid batching updates in runtime metrics (#5469)
• Update RegexBuilder to accept a Timeout so we can reduce flake (#5471)
• [Tracing] sampling code cleanup (#5477)
• Switch memory mapped counters to unsigned (#5480)
• Fix nullable reference bugs in Kinesis integration (#5528)

CI Visibility

• [CI Visibility] Early Flake Detection (#5320)
• [CI Visibility] - Improvements to the dd-trace ci ... commands (#5468)
• [CI Visibility] - Selenium + RUM support (#5505)
• [CI Visibility] - Ensure continuous profiler flush on CI Visibility close method (#5513)
• [CI Visibility] - Fix force Evp proxy environment variable (#5526)
• [CI Visibility] Add linux whereis command as a fallback to locate the target binary. (#5532)

ASM

• [ASM][IAST] Add Directory listing leak vulnerability (kestrel) (#5475)
• [ASM] change env variable name to remove experimental keyword (#5478)
• [ASM][IAST] Add exception for Vary: Origin (#5486)
• Send Rasp settings. Change codeowner file for snapshots. (#5490)
• [ASM] RASP: Lfi reporting (#5491)
• [ASM] Rasp: Block SSRF attacks (#5507)
• [ASM] Add stack traces to the span for RASP vulnerabilities (#5515)
• [ASM] Add RASP telemetry (#5527)
• Update WAF to version 1.17 (#5463)
• Fix RegisterIastAspects signature (#5474)

Continuous Profiler

• [Profiler] Fix crash in Sampler at shutdown (#5483)
• [Profiler] Fix various thing in the profiler testing infrastructure (#5495)
• [Profiler] Fix bug debug info store & line of code (Code viewer) (#5496)

Debugger

• [Dynamic Instrumentation] Fix System.ArgumentNullException while processing span decoration probes with empty tags (#5444)
• [Debugger][Test] skip some tests that fail in DEBUG mode (#5452)
• [Dynamic Instrumentation] DEBUG-2320 Support pointer and pinned local (#5464)
• [Dynamic Instrumentation] DEBUG-2321 Add local pinned and pointer for instrumentation verification (#5465)
• [Dynamic Instrumentation] DEBUG-2322 Find correct member ref based on best candidate (#5467)
• [Dynamic Instrumentation] Fix PinnedLocalTest (#5511)
• [Dynamic Instrumentation] Add 'connectionString' to the list of redacted values (#5487)
• [Dynamic Instrumentation] Do not create probe processor and rate limiting for unbound line probes (#5503)
• [Dynamic Instrumentation] Consolidate PII redaction keys for all libraries. (#5522)

Serverless

• [Serverless] add CI_COMMIT_TAG to be sent downstream (#5460)

Build / Test

• Avoid more flake in smoke tests (#5413)
• Try again to fix dd-trace build (#5429)
• Refactor test infrastructure to support chunked encoding/gzip correctly (#5446)
• Add testing of IMultipartApiRequest for UDS, streams and gzip (#5447)
• [CI] Minor cleanup (#5450)
• Fix dotnet_tool build (#5470)
• Fix some flaky tests in IAST and sampling (#5472)
• Ignore expected CI Visibility error (#5482)
• [CLI Tool] Updated COMPlus_EnableDiagnostics Message (#5485)
• Simplify CI Visibility snapshot names (#5488)
• [CI] Fix flake in Git Telemetry (#5497)
• Remove direct references to Datadog.Trace from Security samples (#5500)
• Fix DSM SQS tests (#5530)

Miscellaneous

• Calltarget ref struct support (#5442)
• [APM] Add git reference to application telemetry (#5459)
• Don't send errors from Exceptions during requests to RCM (#5466)
• Fix git metadata collection (#5489)
• Fix race condition when initializing metadata (#5508)
• Remove some write flags from GetModuleMetaData calls (#5517)
• Prefix dynamic assemblies with "Datadog." (#5523)
• Include inner exceptions in the telemetry logs (#5529)

Changes since 2.50.0

2.50.0

Summary

• [CI Visibility] - Improvements for MSTest: custom TestMethod, custom DisplayName, and missing tests
• [IAST] - NHibernate SQLI vulnerability detection
• [ASM] - Add support for null-returning controller actions
• [Dynamic Instrumentation] - Improvements to async method handling
• [Dynamic Instrumentation] - Improvements to symbol database
• [Profiler] Performance improvements have been made and reduce the profiler overhead

Changes

Tracer

• [ASM] Report external wafs headers (#5178)
• Add rate limit for the log written by TraceRateLimiter (#5229)
• Optimize HttpMessage.GetContentEncoding using spans (#5301)
• Use TraceId128 in log instead of TraceId (#5312)
• Use vendored span in HexString (#5313)
• Add support for span links (#5354)
• [Tracing] Add IsRemote to SpanContext (#5385)
• Adding nullability to CallTarget code and null checks to the ducktyping constraints proxy (#5393)
• Add try/finally to Msmq integration (#5457)

CI Visibility

• [CI Visibility] - New CI Visibility code coverage algorithm (#5254)
• [CI Visibility] Fix some test to avoid flakiness on retries. (#5325)
• [CI Visibility] - MSTest2 Improvements and Fixes (#5381)
• [CI Visibility] - Fix ITR Code Coverage collector attach algorithm (#5412)
• [CI Visibility] - Find .git folder when using GetFrom method as a fallback (#5425)

ASM

• [ASM][ApiSecurity] Change Api Securitysampling algorithm (#5257)
• [ASM] never log WAF at debug level, since (#5295)
• [ASM] Dont deserialize rcm payloads until they are needed for memory optimization (#5296)
• [ASM] Fix our legacy encoder benchmarks memory leak (#5308)
• Fix how security settings are read (#5317)
• [ASM] Ensure new sample and agent are used on each test (#5339)
• [ASM][IAST] NHibernate support (SQLI Vuln) (#5347)
• [ASM] Fix nullreference exception escalation on response body instrumentation for NET Fx (#5365)

Continuous Profiler

• [Profiler] Use a homemade implementation of linked-list (#5284)
• [Profiler] Add FlushProfile public method (#5303)
• [Profiler] Remove flakiness for GC CPU comsumption (#5323)
• [Profiler] Add callstack provider (#5328)
• [Profiler] Avoid named pipe test flackiness (#5331)
• [Profiler] Bump to libdatadog 8 (#5348)
• Update libunwind to 1.8.1 (#5358)
• [Profiler] Fix bug in case of Agent error with .NET Framework (#5368)
• Include the libunwind double-free fix (#5397)
• [Profiler] Upgrade cppcheck to 2.12 (#5398)
• Fix profiler integration tests (#5423)
• [Profiler] Move GetAppDomain to ManagedThreadInfo (#5427)
• [Profiler] Pass memory_resource around (#5434)
• [Profiler] Fix possible crash when Agent does not answer namedpipe connection (#5437)
• [Profiler] Fix use-after-free ASAN diagnostic (#5441)

Debugger

• [Dynamic Instrumentation] Consider 3rd party assemblies on SymDB (#5380)
• [Dynamic Instrumentation] Support legacy endpoint for diagnostics uploading (#5456)
• [Dynamic Instrumentation] Reduce allocations in probe processing (#5132)
• [Dynamic Instrumentation] Handle Out Of Range exception in SymDB (#5162)
• [Dynamic Instrumentation] Fix number of locals in async method (#5131)
• [Dynamic Instrumentation] Add NotCapturedReason for unreachable local var value in async method (#5161)
• [Dynamic Instrumentation] Normalize redaction keywords + add missing keywords (#5350)
• [Dynamic Instrumentation] Acknowledge log probe capture limits (#5364)
• [Dynamic Instrumentation] Added emitting status for probes (#5372)
• [Dynamic Instrumentation] Introduce diagnostics endpoint (#5373)
• [Dynamic Instrumentation] Temporary disable system tests (#5411)
• [Dynamic Instrumentation] Fix type of local in async method (#5414)
• [Dynamic Instrumentation] Fix probe status upload + refactor upload process (#5422)

Exception Debugging

• [Exception Debugging] Introducing the Exception Debugging product (#5163)
• [Exception Debugging] Minor post-merge fix to Exception Debugging unwinding logic (#5327)
• [Exception Debugging] Better communicate non-captured exceptions (#5371)
• [Exception Debugging] Enhanced the reporting of non-captured exceptions (#5391)

Serverless

• [Serverless] add serverless benchmarks (#5374)
• [Serverless] update benchmark variables (#5409)

Fixes

• Add some more #nullable enable (#5332)

Build / Test

• Fix 2.7.0 XUnit tests (#5341)
• Update CI support for release branches (#4811)
• Add explicit "clean" step to clone repo (#5309)
• Clean dangling AgentWriter instances in unit tests (#5311)
• Fix lib-injection container images (#5322)
• Increase the margin for the number of threads in RuntimeMetricsWriterTests (#5329)
• Remove automatic deploy to di (#5330)
• [Test] Running AspNetCore5IastTestsFullSampling Tests Serially (#5333)
• Disable inlining for restsharp exploration tests (#5335)
• Start pushing latest_snapshot images for lib-injection images (#5336)
• Filtering out Timer ExitApp span (#5337)
• [Test Package Versions Bump] Updating package versions (#5338)
• [ci] Add oci package build (#5340)
• Update CODEOWNERS file for MethodSymbolResolver.cs (#5342)
• [Build] Extend Azure Service Bus testing from versions 7.4.x - 7.17.x (#5343)
• Disable Inlining to 0 for both Cake & swashbuckle tests (#5344)
• Disabling ASM Throughput Job (#5345)
• Running all WafLibraryRequiredTest tests serially (#5346)
• Exclude known error from smoke tests (#5349)
• Update some packages (#5353)
• Fix some warnings in the samples (#5366)
• separate DSM tests for more clarity (#5367)
• Fix smoke test issue and pin versions (#5376)
• Fix some more build warnings from the samples (#5378)
• Don't print snapshots diff unless running in CI (#5379)
• [Auto instrumentation generator] Add support for nested types (#5382)
• K8s Lib Injection: Migration (#5383)
• Try fix macos unit test crash (#5384)
• Try working around missing Docker Compose v1 in hosted runners (#5386)
• Really clean up before doing anything (#5387)
• Only publish :latest lib-injection container images on merges to master (#5388)
• Temporarily disable profiler CppCheck (#5389)
• Split the macos build into 2 jobs and parallelise (#5390)
• Ensure we also clean hidden folders (#5399)
• Use docker mirror image in GitLab instead of dockerhub (#5401)
• Remove direct reference to Samples.AspNetCore.RazorPages from integration test project (#5402)
• Set the obfuscation querystring regex to something large to avoid flake in integration tests (#5403)
• Don't specify port for Yarp test to avoid flake (#5404)
• [Test Package Versions Bump] Updating package versions (#5405)
• Update approvals for debugger async tests (#5406)
• Update GitHub token to one that's not about to expire (#5407)
• Ignore complaints from NuGet about out of support packages (#5415)
• Add an explicit "clean docker" step (#5417)
• Don't re-build everything when building the runner in CI (#5424)
• Bump the timeout of the integration_tests_windows stage (#5426)
• Bump the macos timeout (#5430)

Miscellaneous

• [Tracer][Logs] ILogger sample in Azure Functions (#4065)
• [DSM] - Use the same header adapter on get and put (#5361)

Changes since 2.49.0

2.49.0

Summary

• Significantly improved runtime metrics performance
• Fixes for MSTestV2 integration on .NET Framework
• Fixes for IbmMq instrumentation for DSM
• Added additional integration and improvements for IAST
• Added DD_TAGS to snapshot query parameter for Dynamic Instrumentation

Changes

Tracer

• [Tracing] Support configuring DD_TRACE_ENABLED remotely (#5181)
• Add support for DD_DOGSTATSD_URL (#5224)
• Minor (potential) fixes for NullReferenceException (#5230)
• Warm up the query string obfuscator regex (#5266)
• Include the trace sampling priority in the span debug log (#5274)
• [Tracer] Include propagation style in the configuration log (#5275)
• Fix errors identified from telemetry (#5279)
• Allow skipping span generation in ProcessStart integration (#5280)
• Don't allow adding null to the GRPC headers (#5286)
• Add meta_struct capability to the tracer (#5287)
• Handle case where SetExceptionTags() throws (#5291)
• Use vendored spans in tags generation (#5298)
• Optimize runtime metrics (#5304)
• [Tracing] Update instrumentation point for DD_TRACE_DELAY_WCF_INSTRUMENTATION_ENABLED=true (#5206)

CI Visibility

• [CI Visibility] - Enable snapshot testing of current testing framework implementations (#5226)
• [CI Visibility] - Add a rate limit to the warning message of the OriginTagTraceProcessor (#5261)
• Disable profiling in benchmarks (#5262)
• [CI Visibility] Fix MSTestV2 integration on .NET Framework (#5269)

ASM

• [ASM][IAST] Insecure Auth Vulnerability (#5148)
• [IAST] Added tests cases for Custom Manual and Attribute spans (#5218)
• [ASM][IAST] Support manual JSON deserialisation (System.Text.Json) (#5223)
• [IAST] XSS vulnerability (#5231)
• [ASM] Rework encoder telemetry and logs (#5234)
• [ASM][IAST] Support manual JSON deserialisation (Newtonsoft.Json) (#5238)
• [IAST] Set redaction config values according to documentation (#5242)
• [ASM] Add processors and scanners to ruleset (#5248)
• [ASM][IAST] Support manual JSON deserialisation (JavaScriptSerializer) #5238 (#5251)
• [ASM] Exclude NHibernate from callsite instrumentation (#5265)
• [ASM][IAST] Configure maximum IAST Ranges (#5292)
• [ASM] Deactivate benchmark for legacy encoder to help CI (#5299)
• [IAST] Vulnerability and Evidence truncation (#5302)
• [ASM] Try fix memory buildup in asm benchmarks removing destructor in Obj (#5305)
• [ASM] Add dummy agent writer for benchmarks (#5307)
• [ASM] - Fix HttpRequestValidationException Error (#5221)
• [IAST] Path in location is always the fully qualified type name (#5256)
• [IAST] Fix version parsing in Dataflow (#5263)

Continuous Profiler

• [Profiler] Force gen2 GCs to avoid test flakyness (#5273)
• [Profiler] Exclude export error message from flaky test (#5277)

Debugger

• [Dynamic Instrumentation] Fix not equal (ne!=) operator in EL (#5212)
• [Dynamic Instrumentation] Remove async void in SymbolsUploader (#5155)
• [Dynamic Instrumentation] Adding ddtags to snapshot query parameter (#5210)

Build / Test

• Enable Datadog static analysis (#5057)
• Try play asm benchmark only on appsec changed (#5066)
• Report library configuration through telemetry (#5126)
• Removing check to allow the test to create snapshots (#5246)
• [Tracer] Adding Optional Parameter for MockTraceAgent's WaitForSpans (#5253)
• [Tracer] Fixing Missing Query String for CleanUri_HttpUrlTag Tests (#5258)
• [Tracer] Updating GrpcLegacy Sample App and Tests (#5264)
• Add analyzer to avoid implicitly capturing parameters with primary constructors (#5276)
• add a test case where message attributes are null (integration tests) (#5282)
• Skip .NET Core 2.1 tests on ARM64 (#5283)
• Set big regex timeouts for tests (#5297)
• Running All Datadog.Trace.ClrProfiler.IntegrationTests Tests Serially (#5310)
• Fix: Skip System.Text.Json tainting tests on netcore3.0 (#5314)
• Skipping 3.0 Snapshot Check (#5316)
• [Tracer] Increasing GraphQL ObfuscationQueryStringRegexTimeout To Prevent Flakes (#5255)

Miscellaneous

• [DSM] - Fixes for IbmMq instrumentation (#5271)
• Add db name & host to sql injected tags (#5278)

Changes since 2.48.0

2.48.0

Summary

• [Tracing] Swap default propagation styles from tracecontext,Datadog to Datadog,tracecontext
  • This change informs the .NET Tracer to first attempt to extract incoming Datadog distributed tracing headers then to extract W3C trace context headers. This provides a better end-to-end experience by preferring that services instrumented by Datadog remain connected and should, in the large majority of scenarios, not affect existing traces.
• [Tracing] Fix bug where dogstatsd tries to send to the wrong hostname
• [Tracing] Fix bug when trace-agent uses chunked responses
• [ASM/IAST] Add detection of Reflection injection vulnerability
• [Continuous Profiler] Enable exception profiling by default
• [Continuous Profiler] Fix race condition in stack unwind
• [DSM] Add DSM support for SQS

Changes

Tracer

• Swap default propagation styles from tracecontext,Datadog to Datadog,tracecontext (#5115)
• [Tracing] special-case the "any" pattern in sampling rules (#5142)
• Remove non-backtracking regular expressions (#5194)
• Fix scenario where dogstatsd tries to send to the wrong hostname (#5222)
• Fix product data collected for tracer flare (#5228)
• Add a ChunkedEncodingReadStream to use when talking to the agent (#5241)
• Update DatadogHttpClient to support chunked encoding (#5244)
• Remove usage of ArrayPool<T> from ChunkedEncodingReadStream (#5247)

CI Visibility

• [CI Visibility] Sanitize git get-objects output (#5232)

ASM

• [ASM] Rasp callsite instrumentation (#5186)
• [ASM] increase waf timeout on flaky unit tests (#5196)
• [IAST] Enabled hash in integration tests (#5205)
• [IAST] Add support to AspectMethodReplace with struct arguments (#5213)
• [ASM][IAST] Reflection Injection (#5219)
• [ASM] Update RASP snapshots (#5233)
• [ASM] handle array list in legacy encoder (#5239)
• [ASM] Fix null reference exception (#5243)

Continuous Profiler

• [Profiler] Refactor to optimize samples collection (#5174)
• [Profiler] Optimize AppDomainStore (#5175)
• [Profiler] Detect Single Step Instrumentation (#5184)
• [Profiling] Reduce available symbols (#5195)
• [Profiler] On linux we may crash if we unwind a thread that was already unwinding its own callstack (#5197)
• [Profiler] Cleanup compilation warnings (#5201)
• [Profiler] Enable exception profiling by default (#5202)

Miscellaneous

• [Test Package Versions Bump] Updating package versions (#4972)
• DSM support for SQS (#4973)
• refactor SQS send/receive instrumentation code (#5120)
• [Documentation] Add a sample that configures an ASP.NET Core app with OpenTelemetry (#5203)
• Support DOTNET_EnableDiagnostics in dd-dotnet (#5208)
• Move DSM checkpointing responsibility for Kafka from API method to integration (#5211)
• Use vendored unsafe class instead of emitting IL (#5215)
• IntegrationMapper.ConvertType simplification and Ducktype optimization (#5216)

Build / Test

• Add testing for AWS Lambda on .NET 8 (#5236)
• Don't require additional Windows SDK for Nuke desktop notification (#5192)
• Tweak OpenTelemetry sample (#5204)
• Add IntegrationIdExtensions.cs to codeowners common files (#5217)
• Force update to latest Octokit version (#5249)
• Missing generated aspects (#5225)

Changes since 2.47.0

2.47.0

Summary

• [CI Visibility] - Add configure jenkins command in dd-trace
• [CI Visibility] - Add GAC installation feature for .NET Framework
• [ASM] - Add API Security for .NET Framework
• [ASM] - Add nosql (Mongo), stack trace leak, and xpath injection vulnerability detection
• [Profiler] - Add high/low thread count metrics
• [Dynamic Instrumentation] - Add instanceof, isDefined, parent type, static, public, and protected members to expression language
• [DSM] - Simplify DSM pathway context inheritance

Changes

Tracer

• Make MessagePack compatible with AOT compilation (#5092)
• Fix JSON.NET warnings for NativeAOT (#5122)
• Change AsyncManualResetEvent to use a TaskCompletionSource (#5165)
• [Tracing][ASM] http query string obfuscation should be case-insensitive (#5188)

CI Visibility

• [CI Visibility] - Add intelligent test runner CorrelationId support (#5111)
• [CI Visibility] - Add support for event proxy v4 endpoint (gzip support) (#5114)
• [CI Visibility] - Include GAC installation feature to fix compatibility with .NET Framework (#5129)
• [CI Visibility] - Update CI specs (#5137)
• [CI Visibility] - Add configure jenkins command in dd-trace ci (#5158)
• [CI Visibility] Small optimizations (#5160)
• [CI Visibility] GAC commands in dd-trace (#5167)
• [CI Visibility] - Add netcoreapp2.x support for dd-trace GAC commands (#5173)
• [CI Visibility] - Fix DiscoveryService Agent configuration callback (#5187)
• [CI Visibility] Fix MakeRelativePathFromSourceRoot method when the path is invalid (#5189)
• Changes missing on the SCI git metadata spec (#5082)

ASM

• [ASM] Add timeouts to the tokenizers regex (#5083)
• [ASM] Allow 0 values for iast regex timeout (#5139)
• [ASM] Fix of Context's disposing too early + new encoder's limits bug (#4884)
• [ASM] Api security for netfx (#4942)
• [ASM][IAST] MongoDB Integration (#4995)
• [ASM] Adapt ASM benchmarks (#5010)
• [ASM][IAST] New scrubbing for location data (#5047)
• [ASM] Concatenate the results of multi-WAF runs (#5055)
• [ASM] Stack trace leak vulnerability detection (#5067)
• [ASM] Xpath injection vulnerability (#5113)
• [ASM][IAST] Test IAST enum (#5116)
• [ASM] Exposes and test ephemeral address (#5121)
• [ASM] Fix flaky test (#5123)
• [ASM] Prevent null references: harden ControllerExtensions integration (#5124)
• [ASM] Fix log messaage for sys tests (#5135)
• [ASM] Add RASP configuration settings (#5136)
• [ASM][IAST] Fix Tests Location (#5143)
• [ASM] Update waf to 1.16.0 (#5164)
• [ASM] Fix building IAST instrumented tests on macOS + increase QoL on macOS (#5169)
• [ASM] when appsec rules files is not found, dont continue init process and log confusing messages (#5171)
• [ASM][IAST] Fix weakcipher on macos (#5172)

Continuous Profiler

• [Profiler] Refactor with a support for named pipes to communicate with Datadog Agent (#4820)
• [Profiler] Remove unused statistics method in StackSamplerLoop (#5101)
• [Profiler] Add high/low thread count metrics (#5138)

Debugger

• [Dynamic Instrumentation] Add probe-id tag to metric probe (#5023)
• [Dynamic Instrumentation] Send metric duration in case of evaluation error (#5059)
• [Dynamic Instrumentation] Support isDefined in expression language (#5021)
• [Dynamic Instrumentation] Fix EL operation names (#5022)
• [Dynamic Instrumentation] Add instanceof expression to EL (#5024)
• [Dynamic Instrumentation] Support parent type static public and protected members in EL (#5026)
• [Dynamic Instrumentation] Add @exception to locals (like @return) (#5051)
• [Dynamic Instrumentation] Replace @Exceptions with @exception in template tests (#5140)
• [Dynamic Instrumentation] Scrub stacktrace value in probe tests snapshots (#5149)

Build / Test

• Update OpenTelemetry snapshots for 1.7.0 (#4978)
• Update CosmosDb snapshots and csproj to ignore .NET Standard warning (#4979)
• Update PublishAotCompressed and enable LZMA compression (#5070)
• Fix Non-serializable data ('System.Object[]') found in tests (#5089)
• Stop rebuilding dddotnet (#5103)
• Fix instrumentation definitions source generator IDE performance (#5108)
• Test source generators for incrementality (#5109)
• [Build] Update the ubuntu Microsoft-hosted agents (#5117)
• Fix Debugger's snapshot tests (#5125)
• Avoid using dotnet run in nuke (#5127)
• [Build] Finish updating recent snapshots (#5130)
• fix unit test broket on master after merge in wrong order (#5133)
• Force execute permissions on OSX (#5145)
• Fix the issue of not having branch name when azure pipeline works with a detached HEAD (#5146)
• Output branch name to console output (#5150)
• [APM] Move common (more) files ownership on tracer folder to APM group (#5151)
• Add a fast developer loop option to the build project. (#5152)
• Create and publish arm64 version for docker image latest_snapshot (#5170)
• Default to .net core runtime on Linux in dd-dotnet (#5177)
• [Build] Fix dd-trace-dotnet:latest_snapshot image for system-tests (#5182)
• [APM] Move common files ownership on tracer folder to APM group (#5147)
• [tests] remove unused front-end files in sample/test web apps (jQuery, Bootstrap, fonts) (#4797)

Miscellaneous

• simplify & fix DSM pathway context inheritance (#5074)

Changes since 2.46.0

2.46.0

Summary

• [Tracing] Add support for matching sampling rules by resource name and span tags, and for using glob patterns
• [Tracing] Add support for tracer flare for faster support resolution
• [Tracing] Add support for container tagging over TCP on cgroup v2
• [CI Visibility] Reduce overhead of intelligent test runner, payload upload, and git unshallow
• [IAST] Add support for header injection vulnerability
• [IAST] Fix false-positive related to small-integer string cache
• [Serverless] Report exception details to Lambda extension

Changes

Tracer

• Add DD_TRACE_SAMPLING_RULES_FORMAT setting (#4984)
• [tracer] Match sampling rules by resource name and span tags (#5013)
• [Tracer] Update signature parsing in the tracer's native library to account for ELEMENT_TYPE_PTR byte (#5042)
• [Tracer] Send the Datadog-Entity-ID header, containing either the container-id or the cgroup inode if available (AIT-9281) (#5058)
• NullConfigurationSource should implement ITelemetredConfigurationSource (#5033)

CI Visibility

• [CI Visibility] - Update Code Coverage percentage reporting (#5032)
• [CI Visibility] - Improve git upload logic (#5039)
• [CI Visibility] - Intelligent Test Runner: reduce overhead of the default branch (#5041)
• [CI Visibility] - Enable AutomaticDecompression on CI Visibility http clients (#5043)
• [CI Visibility] - Add support for GZip compression in Multipart payloads (#5060)
• [CI Visibility] - Fix exception when the CodeCoverage environment variable value is null (#5063)
• [CI Visibility] - TestPlatform AssemblyResolver .ctor integration (#5088)
• Ignore TestPlatform SDK assembly resolve error from CI CheckBuildLogs (#5084)

ASM

• [ASM] IAST Header injection vulnerability detection. (#4981)
• [ASM] Dont catch CallTargetBubbleUpException native side, like on managed side (#5034)
• [IAST] SourceType refactor (#5037)
• [ASM] Add max concurrent request setting for api sec (#5048)
• [IAST] String cache bugfix (#5064)

Dynamic Instrumentation

• [Dynamic Instrumentation] Upload symbols to SymDB (with System.Reflection.Metadata) (#4782)
• [Dynamic Instrumentation] Made the captured members size flexible due to IndexOutOfRangeException (#5099)

Serverless

• Fix AWS Lambda tests (#5050)
• [SLES-1357] set exception on the aws.lambda span (#5054)

Build / Test

• [Build] adds a notification on build end (#5008)
• Add an API to create a suspended process (#5015)
• Convert integration tests to async (#5018)
• bump default kafka lib version in sample app to solve a bug with mac (#5028)
• AutoGenerator bug fixes (#5029)
• [IAST] Folder casing fix (#5035)
• Use native debugging for procdump (#5046)
• [IAST] Removed Activator calls in SourceGenerator for performance reasons (#5052)
• Minor CI fixes (#5056)
• Fix BenchmarkTests civisibility reporting (#5069)
• Fix failing GraphQL tests on .NET Core 2.1 on alpine (#5075)
• Source generator refactor (#5078)
• Shorting the symbol extractor tests approval names (#5079)
• Fix trimming file (#5080)
• Disable code coverage unless forced (#5090)
• Suppress build warnings we don't care about (#5096)
• Skip debugger SymbolExtractorTest tests (#5095)

Miscellaneous

• Reenable tracer flare and handle debug request (#5040)
• Fix - Change DelegateInstrumentation set continuations behaviour to copy Calltarget (#5049)
• Disable remote configuration in Serverless and CI scenarios (#5053)
• Always log rejit errors (#5061)
• Include telemetry data in tracer flare (#5062)
• Update some Github docs (#5077)

Changes since 2.45.0

2.45.0

Summary

• [Tracing] Fix trace context propagation when instrumenting a YARP reverse proxy
• [dd-dotnet tool] Detect when aspnetcore out-of-process is not initialized
• [ASM] Update waf 1.15.1 and rules 1.10.0
• [ASM] Fix incorrect encoding of route data in WAF

Changes

Tracer

• [Tracing] Fix trace context propagation when instrumenting a YARP reverse proxy (#5025)
• [Tracer] Update SNS integration (#4712)
• Add PushStream support to IApiRequest and support chunked-encoding (#4989)
• Add peer.hostname tag to grpc clients (#4992)
• Make custom sampling rules case-insensitive (#4999)

ASM

• [ASM] Update waf 1.15.1 and rules 1.10.0 (#4958)
• [ASM] Fix path params not being all transformed to waf encodable values (#5011)
• [ASM] Division by zero could happen if param was 0 and apisecurity is enabled (#4975)

Tools

• Detect when aspnetcore out-of-process is not initialized (#5012)

Build / Test

• [ASM][IAST] Fix macOS build for IAST Instrumented tests (#4993)
• [Build] Fix Tracer Native Build on MacOS ARM64 (#4969)
• Change the echo output in Samples.Console (#4982)
• More workarounds for Rider/NuGet bug (#4986)
• Try to fix the RedirectInput test (#4998)
• Explicitly sort files before generating missing nullability csv (#5000)
• speedup CI step verify_files_without_nullability (#5003)
• Disable inlining on automapper tests (#5004)
• Remove SA1010 exclusions (#5007)
• Make sure OsX ITests don't require dd_dotnet stuff (#5009)
• little quality of life improvements on integration tests (#5016)
• Fix OSX solution filter (#5027)
• Small fixes for MockTracerAgent and MockHttpParser parsing (#4988)
• Refactor MockTracerAgent to allow sending custom responses for any endpoint (#4997)

Miscellaneous

• Making RCM async (#4996)
• Add helpers for creating a sentinel file and for zipping debug logs (#4987)
• Add TracerFlareApi implementation for sending requests to endpoint (#4990)
• Add remote-configuration + manager support for tracer flare (#4991)
• Add nullable annotations to the datadog logging files (#4994)
• Add install signature to app-started telemetry event (#5002)
• Restore log level after tracer flare (#5017)
• Temporarily disable the tracer flare functionality (#5036)

Changes since 2.44.0

2.44.0

Summary

• [Tracer] Add support for NUnit 4.0. and Aersospike 7.0.0+
• [Tracer] Add workaround for NGEN bug in .NET runtime
• [Tracer] Add logs inject + agentless logging support for Microsoft.Extensions.Telemetry
• [ASM] Missing HSTS header and unvalidated redirect vulnerability detection
• [Dynamic Instrumentation] Added type support for PII redaction

Changes

Tracer

• Add global tags to dynamic config (#4901)
• Revert "Add CorProfilerInfo7::ApplyMetadata call" (#4945)
• Add logs injection + direct log shipping for Microsoft.Extensions.Telemetry (#4951)
• Add support for NUnit 4 (#4959)
• Un-skip manual instrumentation tests and fix flake (#4960)
• Stop caching exceptions in lazy (#4962)
• Add support for aerospike v7 (#4974)
• [IAST] Added missing nullable enable (#4977)

ASM

• [ASM] Hsts header missing vulnerability (#4873)
• [IAST] Unvalidated redirect vulnerability detection (#4925)
• Add fix for null key in SecurityCoordinator (#4961)
• [IAST] Hardcoded Secrets location bugfix (#4965)
• [ASM] Add client IP feature to the AspNetMvc integration (#4970)

Dynamic Instrumentation

• [Dynamic Instrumentation] Added type support for PII redaction (#4941)

Build / Test

• Increase the dd-dotnet artifact tests timeout to 30 seconds. (#4947)
• Remove test environment variable in Samples.Console (#4948)
• [Build/Test] Add GitHub Action to track files without nullable reference types (#4954)
• [Test Package Versions Bump] Updating package versions (#4956)
• Add workaround for Rider bug (#4976)

Changes since 2.43.0

2.43.0

Summary

• [Tracing] Add support for WCF Web HTTP
• [Tracing] Add support for Npgqsl v8.0.0 and ServiceStack.Redis v8.0.0
• [Serverless] Remove up to 100ms shutdown latency in AWS Lambda when flushing traces
• [IAST] Trust boundary violation vulnerability detection

Changes

Tracer

• Add support for WCF Web HTTP UriTemplates in WCF integration (#4903)
• [DBM] Don't inject DBM attributes into IDbCommand twice (#4909)
• Add support for Npgqsl 8.0.0 (#4910)
• Add support for ServiceStack.Redis 8.0.0 (#4911)
• Don't send some error logs to telemetry (#4934)
• Tiny cleanup of static Tracer instance usages (#4936)
• Set default batch interval in serverless scenarios (#4946)

ASM

• [ASM] Handle anonymous types when extracting object (#4865)
• [IAST] Trust Boundary Violation vulnerability implementation (#4896)
• [ASM] Downgrade middleware log if no current span found (#4932)

Continuous Profiler

• [Profiler] Update managed projects to net462 (#4683)
• [Profiler] Bump libdatadog to 5.0.0 (#4719)

Dynamic Instrumentation

• [Dynamic Instrumentation] Improved snapshot pruning algorithm (#4893)

Fixes

• Handle exception in MSMQ integration (#4931)
• Add manual+automatic instrumentation tests + fix SetUser bug (#4938)
• Fix recheck interval in DiscoveryService (#4907)
• Add null reference checks to SNS integration (#4917)
• Add null reference checks to elasticsearch7 integration (#4918)
• Fix ASP.NET Core DiagnosticObserver bugs (#4920)
• Add null reference checks to StackExchange.Redis integration (#4921)
• Add null reference checks to RabbitMq integration (#4922)
• Fix bugs with DogStatsD when using named pipes or UDS (#4933)
• Wire up the DD_TRACE_BATCH_INTERVAL setting (#4940)
• [ASM] Add null check for content body before running security checks (#4950)

Build / Test

• [Profiler] Adjust profiler tests for .NET 8 (#4908)
• [IAST] Added StringAspects.Concat() micro benchmark (#4713)
• Compile native code with C++20 (#4054)
• Reinstate version mismatch tests (#4879)
• [Test Package Versions Bump] Updating package versions (#4882)
• Remove pre-.NET8 workaround for MacOS in CI (#4888)
• [CI] Make sure all Linux images use Clang 16.0.6 (#4894)
• Attempt to add ignore various C++ warnings/errors (#4898)
• Make the agent check less verbose (#4905)
• Fix memory dumps on artifact tests (#4906)
• Fix AWS SQS test snapshots (#4913)
• Increase timeout benchmarks (#4919)
• Fix dd_dotnet version (#4923)
• [Tests] Ignore UDS telemetry test on windows (#4926)
• Sign dd-dotnet.exe that we package in MSI (#4939)
• Enable diagnostic messages in dd-dotnet artifact tests (#4944)
• Skip flaky manual instrumentation tests (#4949)

Changes since 2.42.0

2.42.0

Summary

• [Tracer] Update support for W3C interoperability (default propagation, enable 128-bits by default, improve operation names)
• [Tracer] Bundle dd-dotnet tool with installers, for easier onboarding and diagnostics
• [ASM] Support full URL request tainting, HTTP header tainting, X-Content-Type misconfiguration, and hardcoded secret detection
• [ASM] Fix potential native memory management bug
• [DSM] - Add support for IBM MQ
• [Tracer] Add support for .NET 8 GA
• [Tracer] Add support for .NET Remoting

Changes

Tracer

• [Tracer] add propagated (_dd.p.*) trace tags to the correct spans (#4332)
• Create a better OperationName for Activity/OpenTelemetry (#4700)
• [Tracer] Enable 128 bits by default (#4827)
• [Tracer] Updates Default W3C tracecontext Propagation AIT-8606 (#4859)
• [Tracer] .NET Remoting instrumentation (#4829)

CI Visibility

• Add support for NUnit 3.14.0 (#4825)

ASM

• [ASM] Api security foundation for dotnet core (#4654)
• [ASM][IAST] Hardcoded secrets (#4666)
• [ASM] Taint full url of a request in IAST (#4789)
• [ASM] Enable IAST coverage tests NET8 (#4801)
• [ASM] unknown type to encode: log debug instead of warning (#4809)
• [ASM] Add IAST header tainting integration tests (#4814)
• [ASM] X-Content-Type header missing vulnerability (#4836)
• [ASM] Add the vale of the cookie/header name in source (#4856)
• Revert "[ASM] New marshalling system for Waf.Run calls to improve spe… (#4891)

Continuous Profiler

• [Profiler] Refactoring to better wrap libdatadog (#4763)
• [Profiler] Add a scenario with obfuscation (#4788)
• [Profiler] Skip LinuxOnly Tests in VS Test explorer (#4803)
• [Profiler] Adjust Linux smoke test to avoid flakiness (#4842)
• [Profiler/CI] Align Cppcheck commandline linux/windows (#4854)
• [Profiler] Fix compilation warnings (#4855)
• [Profiler] Fix code hotspot feature tests (#4890)

Debugger

• [Dynamic Instrumentation] Instrumentation verification fixes (#4612)
• [Dynamic Instrumentation] Enriched probe status uploads with version and runtime id (#4853)

Data Streams Monitoring

• [DSM] - Initial IBM MQ support (#4776)

Fixes

• Stop pushing to the reliability environment (#4810)
• Tiny fix for crashing if DD_PROFILER_ENABLED is not set (#4849)
• Fix NullReferenceException in SQS integration (#4860)

Build / Test

• Build standalone trimmed version for net7.0 (#4727)
• [Test Package Versions Bump] Updating package versions (#4806)
• Fix flaky DSM transport test (#4826)
• Properly read the installed tracer version in dd-dotnet (#4828)
• Fix config_norm_rules.json and config_prefix_block_list.json (#4830)
• [CI] Rerun waf download If it times out (#4838)
• [Test] Add propagator injection unit tests using 128-bit trace-ids (#4840)
• Try enabling crash dumps in artifact tests (#4841)
• Try to fix flake in hardcoded secrets test (#4843)
• Try to fix the pipeline monitor (#4844)
• [Test Package Versions Bump] Updating package versions (#4846)
• [CI] Delete previously generated files on Windows (#4848)
• Update xunit testing to latest (#4850)
• [Build] Update deb/rpm packaging with arm64 variant (APMON-377) (#4857)
• Re-instate the building of the system-test docker images (#4858)
• Add dd-dotnet to path on Windows (#4863)
• Handle ctrl+c in dd-dotnet (#4864)
• Add dd-dotnet to path on Linux (#4866)
• Update to .NET 8 GA release (#4869)
• Fix system-test snapshot image creation (#4871)
• Actually, really, definitely, fix the system-tests docker image (#4874)
• Run ARM64 integration tests against .NET 8 (#4875)
• Add testing for Microsoft.Data.Sqlite (#4881)
• Fix the system-test docker images once and for all (#4883)
• [ASM] Fix snapshot (#4886)
• Fix localstack not starting issue (#4895)

Miscellaneous

• Add full null checking to MongoDB and AWS.SDK integrations (#4815)
• Update source generator to record the "instrumented assemblies" (#4832)
• Add redacted-error-log telemetry collector and sinks (#4833)
• Add redaction of telemetry error logs (#4834)
• Add de-duplication of telemetry logs (#4835)
• Stop recording individual integration telemetry (#4872)
• Record duplicate log count in log-message data (#4885)
• Improve HostMetadata.OsVersion value (#4819)

Changes since 2.41.0