v6.12.1

• Security fix: Resolves an issue where transaction traces will still capture the request URI when the Node.js agent is configured to exclude the 'request.uri' attribute. This can be problematic for certain customers in environments where sensitive information is included in the URI. See security bulletin NR20-02.

  The request URI will now be excluded from transaction traces if the 'request.uri' attribute has been set to be excluded at either the top-level 'attributes.exclude' configuration or at the 'transaction_tracer.attributes.exclude' configuration.

v6.12.0

• Fixes obfuscation of SQL queries with large data inserts.
  Special thanks to Tomáš Hanáček (@tomashanacek) for tracking down the issue and providing the fix.
• On failed instrumentation, prevent multiple requires from re-wrapping shims.
  Special thanks to Ryan Copley (@RyanCopley) for the contribution.
• Upgrade async to v3.2.0. Special thanks to Yohan Siguret (@Crow-EH) for the contribution
• Bumped @newrelic/native-metrics to ^5.3.0.
• Bumped @newrelic/aws-sdk to ^2.0.0.
• Bumped node-test-utilities to ^4.0.0.
• Bumped @newrelic/superagent to ^3.0.0.
• Bumps @newrelic/koa to ^4.0.0.
• Updated SECURITY.md with coordinated disclosure program link.
• Updated guidelines and templates for contributing to the project.

v6.11.0

• Updated to Apache 2.0 license
• Added CODE_OF_CONDUCT.md file
• Streamlined README.md file
• Updated CONTRIBUTING.md file
• Added additional guidance to bug report template
• Added copyright headers to all source files
• Added Distributed Tracing option to config file used for first time customers
• Converted some test files to Node-tap
• Removed "hidden" and unused code injector diagnostic capability
• Upgraded @grpc/grpc-js from 1.0.4 to 1.0.5

v6.10.0

• Additional Transaction Information applied to Span Events
  • When Distributed Tracing and/or Infinite Tracing are enabled, the Agent will now incorporate additional information from the Transaction Event on to the currently available Span Event of the transaction.
    • The following items are affected:
      • aws-lambda related attributes
      • error.message
      • error.class
      • error.expected
      • http.statusCode
      • http.statusText
      • message.*
      • parent.type
      • parent.app
      • parent.account
      • parent.transportType
      • parent.transportDuration
      • Request Parameters request.parameters.*
      • request.header.*
      • request.method
      • request.uri
  • Custom Attributes
    • Custom transaction attributes added via API.addCustomAttribute or API.addCustomAttributes will now be propagated to the currently active span, if available.
  • Security Recommendation:
    • Review your Transaction Event attributes configuration. Any attribute include or exclude setting specific to Transaction Events should be applied to your Span Attributes configuration or global attributes configuration. Please see Node.js agent attributes for more on how to configure.
• Upgraded @grpc/grpc-js from 1.0.3 to 1.0.4
• Modified redis callback-less versioned test to use commandQueueLength as indicator redis command has completed and test can continue. This is in effort to further reduce these test flickers. Additionally, added wait for client 'ready' before moving on to tests.
• Updated force secret test runs to run on branch pushes to the main repository.

v6.9.0

• Added AWS API Gateway V2 Support to lambda instrumentation.

• Added 'transaction.name' intrinsic to active span at time transaction name is finalized.

  This enables finding transaction name for traces that may not have a matching transaction event.

• Added 'error.expected' attribute to span active at time expected error was noticed.

• Dropped errors earlier during collection when error collection is disabled.

  Error attributes will no longer show up on spans when error collection has been disabled. Other unnecessary work will also be avoided.

• Removed allocation of logging-only objects used by transaction naming when those log levels are disabled.

• Upgraded escodegen from 1.12.0 to 1.14.1.

• Upgraded readable-stream from 3.4.0 to 3.6.0.

• Upgraded @grpc/proto-loader from 0.5.3 to 0.5.4.

• Converted facts unit test to use tap API.

• Converted transaction 'finalizeName...' unit tests to use tap API.

• Added several items to .npmignore to prevent accidental publishing.

• Fixed Redis client w/o callback versioned test flicker.

  Doesn't end transaction until error encountered. Increases wait time for first operation which has to complete for the second operation to be successful.

v6.8.0

• Bumped @newrelic/native-metrics to ^5.1.0.

  Upgraded nan to ^2.14.1 to resolve 'GetContents' deprecation warning with Node 14. This version of the native metrics module is tested against Node 14 and includes a pre-built binary download backup for Node 14.

• Added whitespace trimming of license key configuration values.

  Previously, when a license key was entered with leading or trailing whitespace, it would be used as-is and result in a validation failure. This most commonly occurred with environment variable based configuration.

• Moved to GitHub actions for CI.

• Updated PR template and added initial issue templates.

• Converted most of the collector API unit tests to use the tap API. Split larger test groupings into their own test files.