v3.24.0 proposal #3266
Merged
v3.24.0 proposal #3266
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* add migration guide for 3.x to 4.x * Update MIGRATING.md Co-authored-by: Juan Antonio Fernández de Alba <juan.fernandezdealba@datadoghq.com> * Update MIGRATING.md Co-authored-by: Juan Antonio Fernández de Alba <juan.fernandezdealba@datadoghq.com> * Update README.md Co-authored-by: Ugaitz Urien <ugaitz.urien@datadoghq.com> --------- Co-authored-by: Juan Antonio Fernández de Alba <juan.fernandezdealba@datadoghq.com> Co-authored-by: Ugaitz Urien <ugaitz.urien@datadoghq.com>
* update readme to include v4 * use version module instead of semver to match library version
* Unvalidated redirect analyzer * Ignore tainteds from Referer header
* add v0 naming to tedious (mssql) * add v1 naming to tedious (mssql) * switch to a mostly working test sqlserver The standard mssql server image does not work on ARM [1]. Instead, we use `azure-sql-edge` [2], which provides a sufficient subset of mssql server API to test most of our integration. Unfortunately, this image does not support stored procedures [3], so tests related to these will still fail locally. [1] microsoft/mssql-docker#668 [2] https://hub.docker.com/_/microsoft-azure-sql-edge [3] https://learn.microsoft.com/en-us/azure/azure-sql-edge/features#unsupported-features
* add v0 naming to mysql integrations * add v1 to mysql integrations * add tests on v1 for mysql databases --------- Co-authored-by: Thomas Hunter II <tlhunter@datadog.com>
* Taint cookies and headers * Bump minimum node version for v4 on cookie plugin test * Add test with latest node version for cookie plugin test * Provide iastContext from index when tainting headers * Add test for cookie tainting in taint tracking plugin * Remove iast transaction after taint tracking plugin tests to avoid hiting setMaxTransactions in tests * Add test for taintObject with taintingKeys flag * Address header tainting test for keys shorter than 10 chars * Upgrade native-iast-taint-tracking to v1.5.0 * Rewrite expect in taint tracking plugin test * Fix tag requiring in IAST index
--------- Co-authored-by: Thomas Hunter II <tlhunter@datadog.com>
* Add sources tests * styles
* appsec-iast benchmark tests * writing fixes Co-authored-by: simon-id <simon.id@datadoghq.com> * small fixes --------- Co-authored-by: simon-id <simon.id@datadoghq.com>
* Reduce request per iteration in IAST benchmarks * Reduce a bit more * 30 iterations 200 requests
* Add debug log listing found source maps * Bump pprof required version Use pprof version with source map debug info. Lock pprof version in package.json to be make sure that customers use a dd-trace-js/pprof-nodejs combination that is well tested.
nsavoire
force-pushed
the
v3.24.0-proposal
branch
from
2a25af8
to
2c68b14
Compare
juan-fernandez
previously approved these changes
Jun 22, 2023
uurien
previously approved these changes
Jun 22, 2023
…'ll throw whatever is thrown by the handler
nsavoire
force-pushed
the
v3.24.0-proposal
branch
from
2c68b14
to
2f26840
Compare
uurien
previously approved these changes
Jun 23, 2023
rochdev
previously approved these changes
Jun 23, 2023
nsavoire
force-pushed
the
v3.24.0-proposal
branch
from
2f26840
to
bdd4c5f
Compare
uurien
approved these changes
Jun 23, 2023
|
We're going to ignore the perf regressions for this release. One of them is for the upgraded version of the semver package in yarn.lock as customers installing via |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Features
Improvements
_dd.iast.enabled=1metric out of request vulnerabilities tags (Add _dd.iast.enabled=1 metric out of request vulnerabilities tags #3231)Bug Fixes
metrics.spec.jstests (part of tracing tests) for windows #3250)storehas value before use it (Checkstorehas value before use it #3257)