Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump ddtrace from 1.10.1 to 1.11.1 #472

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump ddtrace from 1.10.1 to 1.11.1 #472

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 4, 2023
edited
Loading

Bumps ddtrace from 1.10.1 to 1.11.1.

Release notes

Sourced from ddtrace's releases.

1.11.1

Fixed

  • Appsec: Remove misreported ASM_CUSTOM_RULES capability (#2829)
  • Appsec: Fix block response content negotiation (#2824)
  • Appsec: Fix incorrect remote configuration payload key handling (#2822)

Read the full changeset and the release milestone.

1.11.0

Highlights

Remote Configuration

The Remote Configuration feature is now in General Availability.

What to expect from Remote Configuration?

ASM can now receive live updates via Remote Configuration, such as:

  • protection rules, including request blocking
  • IP and path passlists
  • IP and user denylists

Remote Configuration will be progressively expanded to support other Datadog products such as APM.

How to configure Remote Configuration?

  • Make sure ASM is enabled (see our documentation)
  • Upgrade the Datadog agent to 7.42.0 or above (7.43.0 or above recommended)
  • Configure the agent to allow Remote Configuration via e.g the environment variableDD_REMOTE_CONFIGURATION_ENABLED=true

To opt out of Remote Configuration, it can be done via either the environment variable DD_REMOTE_CONFIGURATION_ENABLED=false or Datadog.configure { |c| c.remote.enabled = false }.

Read more about Remote Configuration in our documentation

Ruby CPU Profiling 2.0

The new CPU Profiling 2.0 feature is now in General Availability.

What to expect from Ruby CPU Profiling 2.0?

  • Finer-grained profiling data due to our sampling engine rewritten in C+Rust. The profiler will be able to run more often and get more information while keeping the same 2% overhead target you're used to, and with a lower impact on latency. Especially when looking at the "Code Hotspots" panel for a distributed trace, expect more and finer grained profiles.
  • Thread id information now includes the operating system thread id for Ruby 3.1+, so you'll be able to correlate your thread information when looking at other system monitoring tools
  • Thread names are now collected and you're able to filter your profiles by these names
  • The profiler now exposes a Datadog::Profiling.allocation_count API that can be used to measure how many objects were allocated in parts of your application
  • Experimental support for capturing CPU and Wall-time spent doing Garbage Collection. This is disabled by default as we're still improving the performance of this feature and fixing a few incompatibilities with Ruby Ractors. You can enable it by adding DD_PROFILING_FORCE_ENABLE_GC=true or c.profiling.advanced.force_enable_gc_profiling = true to the instructions seen above.

...with more and faster improvements to come soon!

... (truncated)

Changelog

Sourced from ddtrace's changelog.

[1.11.1] - 2023-05-03

Fixed

  • Appsec: Remove misreported ASM_CUSTOM_RULES capability (#2829[])
  • Appsec: Fix block response content negotiation (#2824[])
  • Appsec: Fix incorrect remote configuration payload key handling (#2822[])

[1.11.0] - 2023-04-27

Highlights

As of ddtrace 1.11.0, these features are GA and emabled by default:

  • CPU Profiling 2.0
  • Remote Configuration
  • Telemetry

For more details, check the release notes.

Added

Changed

  • Core: Allow 1 as true value in environment variables (#2710[])
  • Profiling: Enable CPU Profiling 2.0 by default (#2702[])
  • Tracing: Improve controller instrumentation and deprecate option exception_controller (#2726[])
  • Tracing: Implement Span Attribute Schema Environment Variable (#2727[])
  • Tracing: Change default service_name values (gated by feature flag) (#2760[])

Fixed

  • Bug: Tracing: Fix w3c propagation special character handling (#2720[])
  • Performance: Tracing: Use +@ instead of dup for duplicating strings (#2704[])
  • Profiling: Avoid triggering allocation sampling during sampling (#2690[])
  • Integrations: Tracing: Fix Rails < 3 conditional check in Utils#railtie_supported? (#2695[])
  • Profiling: Do not auto-enable new profiler when rugged gem is detected (#2741[])
  • Tracing: Fix using SemanticLogger#log(severity, message, progname) (#2748[]) ([@​rqz13][])
  • Profiling: Improve detection of mysql2 gem incompatibilities with profiler (#2770[])
  • AppSec: Remove check for ::Rack::Request.instance_methods.include?(:each_header) at load time (#2778[])
  • Tracing: Fix quadratic backtracking on invalid URI (#2788[])

... (truncated)

Commits
  • 354f7c7 Merge pull request #2830 from DataDog/bump_to_version_1.11.1
  • c82c3c8 Update lockfiles for ddtrace 1.11.1
  • 22382d4 Bump version 1.11.0 to 1.11.1
  • d6715af Add 1.11.1 to CHANGELOG.md
  • 697c507 Merge pull request #2829 from DataDog/remove-asm-custom-rules-capability
  • af72ecf Remove ASM_CUSTOM_RULES capability
  • d090948 Merge pull request #2824 from DataDog/fix-block-response-content-negotiation
  • d39d5c9 Remove UTF-8 char in comment
  • d9b3188 Reimplement response negotiation
  • 00e968f Restore each_with_object argument order
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code labels May 4, 2023
@dependabot
Bump ddtrace from 1.10.1 to 1.11.1
604814a 
Bumps [ddtrace](https://github.com/DataDog/dd-trace-rb) from 1.10.1 to 1.11.1.
- [Release notes](https://github.com/DataDog/dd-trace-rb/releases)
- [Changelog](https://github.com/DataDog/dd-trace-rb/blob/master/CHANGELOG.md)
- [Commits](DataDog/dd-trace-rb@v1.10.1...v1.11.1)

---
updated-dependencies:
- dependency-name: ddtrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/bundler/ddtrace-1.11.1 branch from ef8eaa8 to 604814a Compare May 4, 2023 17:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file ruby Pull requests that update Ruby code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants