Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

v5.25.0 proposal #4849

Merged
merged 52 commits into from
Nov 6, 2024
Merged

v5.25.0 proposal #4849

merged 52 commits into from
Nov 6, 2024

Conversation

rochdev
Copy link
Member

@rochdev rochdev commented Oct 31, 2024

No description provided.

simon-id and others added 30 commits October 30, 2024 23:02
* Handle request options

* Remove .only

* clean up

* suggestion
…' tag (#4724)

Use existing 'otel' tag for other sources of spans, such as manual tracing
* fix esbuild issue when requiring esm files
* standardize configurations
It was out-of-date since the following commit was added to master, which
updated package.json without also updating yarn.lock:

597d7c5
The maxCollectionSize limit affects the following types:
- Array
- Map / WeakMap
- Set / WeakSet
- All TypedArray types

This limit contols the maximum about of elements collected for those
types. The default is 100.
* refactor system tests jobs to no longer explicitly try to run `CROSSED_TRACING_LIBRARIES` scenarios, which is now an essential scenario and was being run twice.
* add support for DD_GRPC_CLIENT_ERROR_STATUSES & DD_GRPC_SERVER_ERROR_STATUSES
* Use @datadog/pprof 5.4.1 with Node 23 support
* separating plugin tests to their own run
Adds Kafka cluster ID to KafkaJS spans and DSM metrics
…sibility (#4821)

* Apply suggestions from code review

Co-authored-by: Nikita Tkachenko <121111529+nikita-tkachenko-datadog@users.noreply.github.com>
…ce (#4739)

* Allow to set sampling priority

* Span.keep method

* Replace manual.keep tag usage with Span.keep()

* Update standalone integration tests

* use PrioritySampler.keepTrace

* Lint

* PrioritySampler.keepTrace test
The limit controls the maximum number of properties collected on an
object. The default is 20.

It's also applied on each scope when collecting properties. If there's
for example more than maxFieldCount properties in the current scope,
they are not all collected.
* multer instrumentation

* clean up test

* unsubscribe multer

* multer CI tests

* multer CI plugins tests

* Change multer version range

* Specify the version

* second try

* third

* multer request blocking integration test

* include iast tainting multer body test

* fix test

* Update integration-tests/multer.spec.js

Co-authored-by: Ugaitz Urien <ugaitz.urien@datadoghq.com>

* Move taint multipart body test to the integration test

* delete test

* Move multer tests inside appsec

* Include test not using multer middleware

---------

Co-authored-by: Ugaitz Urien <ugaitz.urien@datadoghq.com>
* [MLOB-1540] add llmobs configuration to global tracer config (#4696)

add llmobs config

* [MLOB-1555] LLM Observability writers (#4699)

LLM Observability writers

* [MLOB-1556] LLM Observability tagger (#4718)

LLM Observability tagger

* [MLOB-1560] LLMObs Span Processor (#4738)

* span processor

* tests

* remove agent exporter log and do not stringify tags

* remove llmobs from exporter tests

* add in default unserializable value

* review comments

* warning log for metric

* todo-ify

* remove some duplicate logic

* decouple llmobs span processing with a channel

* use a static weakmap to store llmobs tags/annotations instead of span tags

* do not register span in map if it does not have an llmobs span kind

* span is passed on an object from sp publisher

* re-clarify TODOs

* only send span in publish

* log multiple warnings and return conditional undefined

* update error logic

* [MLOB-1561] LLM Observability SDK API (#4773)

* wip

* type definitions

* active + try/catch eval metric writer append

* test ts

* use tagger map and processor as a channel subscriber

* change decorate and add in dev changes

* try some api changes

* add decorate to noop

* fix breaking proxy tests

* experimental decorators for TS docs

* api changes, fix unit + e2e tests

* try removing global log mocks

* add some util tests

* remove logger mocks

* add module tests + do not enable when not specified

* fix eval metric integration test

* wip

* memoize getFunctionArguments

* move any subscriber and global writer to the module enablement level instead of sdk

* should fix TS tests

* add ts integration test and fix decorator

* devex for ts versions

* add noop typescript test

* remove startSpan

* remove unneeded change

* dedup decorator code

* Update index.d.ts

Co-authored-by: Yun Kim <35776586+Yun-Kim@users.noreply.github.com>

* map metrics names

* change validKind to validateKind and throw

* tagger for metrics follow-up

* review feedback

* add some tests for not auto-annotating in certain cases

---------

Co-authored-by: Yun Kim <35776586+Yun-Kim@users.noreply.github.com>

* hard fail instead of soft fail, except for `wrap` span name

* add ml-observability codeowners

* resolve ts test

* update auto-annotation check

* tagger can soft fail

* using custom ASL instance and scope activation

* fix test comments and remove

* address review comments

* remove llmobs.apiKey config, only rely on global

* fix evaulations test

* make llmobs storage accessible

---------

Co-authored-by: Yun Kim <35776586+Yun-Kim@users.noreply.github.com>
wconti27 and others added 6 commits October 30, 2024 23:03
* add dsm for google pub sub
* implementation

* try making llmobs base plugin a normal plugin

* add codeowners change

* add yarn services to test:llmobs:ci

* try gh action llmobs changes

* Update packages/dd-trace/src/llmobs/plugins/base.js

* proper finish time for openai spans

* move

* revert finish changes

* change llmobsplugin back to tracingplugin type

* rename function for clarity
* upgrade to latest @azure/functions version
Copy link

github-actions bot commented Oct 31, 2024

Overall package size

Self size: 7.93 MB
Deduped: 64.95 MB
No deduping: 65.28 MB

Dependency sizes | name | version | self size | total size | |------|---------|-----------|------------| | @datadog/native-appsec | 8.2.1 | 19.18 MB | 19.19 MB | | @datadog/native-iast-taint-tracking | 3.2.0 | 13.9 MB | 13.91 MB | | @datadog/pprof | 5.4.1 | 9.76 MB | 10.13 MB | | protobufjs | 7.2.5 | 2.77 MB | 5.16 MB | | @datadog/native-iast-rewriter | 2.5.0 | 2.51 MB | 2.65 MB | | @opentelemetry/core | 1.14.0 | 872.87 kB | 1.47 MB | | @datadog/native-metrics | 3.0.1 | 1.06 MB | 1.46 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.11.2 | 112.74 kB | 826.22 kB | | msgpack-lite | 0.1.26 | 201.16 kB | 281.59 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.0 | 109.9 kB | 109.9 kB | | semver | 7.6.3 | 95.82 kB | 95.82 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.1 | 51.46 kB | 51.46 kB | | int64-buffer | 0.1.10 | 49.18 kB | 49.18 kB | | shell-quote | 1.8.1 | 44.96 kB | 44.96 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.3.1 | 25.21 kB | 25.21 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | dc-polyfill | 0.1.4 | 23.1 kB | 23.1 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | path-to-regexp | 0.1.10 | 6.38 kB | 6.38 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

Copy link

codecov bot commented Oct 31, 2024

Codecov Report

Attention: Patch coverage is 35.47445% with 442 lines in your changes missing coverage. Please review.

Please upload report for BASE (v5.x@2372a79). Learn more about missing BASE report.

Files with missing lines Patch % Lines
packages/dd-trace/src/llmobs/sdk.js 10.30% 148 Missing ⚠️
packages/dd-trace/src/llmobs/tagger.js 4.08% 141 Missing ⚠️
packages/dd-trace/src/llmobs/util.js 3.19% 91 Missing ⚠️
packages/dd-trace/src/llmobs/noop.js 6.45% 29 Missing ⚠️
packages/dd-trace/src/debugger/index.js 12.50% 7 Missing ⚠️
packages/datadog-instrumentations/src/kafkajs.js 89.47% 6 Missing ⚠️
.../dd-trace/src/appsec/iast/taint-tracking/plugin.js 0.00% 6 Missing ⚠️
packages/dd-trace/src/appsec/index.js 0.00% 2 Missing ⚠️
packages/dd-trace/src/appsec/rasp/ssrf.js 33.33% 2 Missing ⚠️
packages/dd-trace/src/appsec/reporter.js 50.00% 2 Missing ⚠️
... and 5 more
Additional details and impacted files
@@           Coverage Diff           @@
##             v5.x    #4849   +/-   ##
=======================================
  Coverage        ?   64.72%           
=======================================
  Files           ?      306           
  Lines           ?    13914           
  Branches        ?        0           
=======================================
  Hits            ?     9006           
  Misses          ?     4908           
  Partials        ?        0           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@pr-commenter
Copy link

pr-commenter bot commented Oct 31, 2024

Benchmarks

Benchmark execution time: 2024-11-06 16:42:59

Comparing candidate commit 7ce6e06 in PR branch v5.25.0-proposal with baseline commit 2372a79 in branch v5.x.

Found 0 performance improvements and 2 performance regressions! Performance is the same for 257 metrics, 7 unstable metrics.

scenario:plugin-graphql-with-depth-and-collapse-on-18

  • 🟥 max_rss_usage [+45.628MB; +95.120MB] or [+5.278%; +11.004%]

scenario:plugin-graphql-with-depth-on-max-18

  • 🟥 max_rss_usage [+47.388MB; +92.724MB] or [+5.485%; +10.732%]

bengl and others added 13 commits November 6, 2024 11:32
This new command creates convenient subshells with appropriate
environment variables set to run tests for _one_ plugin at a time.
* Fix amqp instrumentation
* Shell injection exploit prevention

* Fixes

* Small refactor

* Small fix for node 16

* spacing

* Add SHI capabilities

* Add some integration tests to check what happens when exception is unhandled

* Address PR comments

* Remove comment

* Update packages/dd-trace/test/appsec/rasp/command_injection.integration.spec.js

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>

* fix test

---------

Co-authored-by: Carles Capell <107924659+CarlesDD@users.noreply.github.com>
* Onboarding tests: simple installer scenario
…ing (#4836)

* Support url.parse, url.URL.parse and new url.URL for taint tracking

* Address PR comments

* Use shimmer.wrap instead of doing it manually
@rochdev rochdev marked this pull request as ready for review November 6, 2024 16:57
@rochdev rochdev requested a review from a team as a code owner November 6, 2024 16:57
@rochdev rochdev merged commit 497c0b0 into v5.x Nov 6, 2024
205 checks passed
@rochdev rochdev deleted the v5.25.0-proposal branch November 6, 2024 17:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.