1.40.1

Components

Application Security Management (WAF)

• ⚡ Prevent publishing the same usr.id to the WAF twice (#7709 - @manuel-alvarez-alvarez)
• ✨ Ensure 'attempt to replace context value' logs are set to debug (#7705 - @manuel-alvarez-alvarez)

Crash tracking

• 🐛 Fix crashtracking log parser (#7703 - @PerfectSlayer)

1.40.0

Components

Application Security Management (IAST)

• ✨ Send IAST vulnerability secure marks to backend (#7645 - @jandro996)
• 🧹 Remove dependency with thread locals in jersey IAST instrumentation (#7619 - @manuel-alvarez-alvarez)
• 🐛 Fix jackson json parser propagation for field names (#7606 - @Mariovido)
• Add XSS support for Velocity (#7546 - @Mariovido)
• Add XSS support for Freemarker prior 2.3.24-incubating (#7497 #7532 - @Mariovido)

Application Security Management (WAF)

• 🐛 Fixed closing WAF context (#7681 - @ValentinZakharov)
• ✨ Reduce log level for "WAF object had not been closed" (#7657 - @smola)
• 🐛 Update libsqreen library to 11.0.1 fixing fingerprint generation (#7655 - @manuel-alvarez-alvarez)
• 🐛 Fix NullPointerException in RASP metrics (#7654 - @smola)
• ✨ Add support for user tracking in spring security (#7633 - @manuel-alvarez-alvarez)
• ⚡ Short circuit for WAF/RASP calls (#7630 - @ValentinZakharov)
• ✨ Add support for session fingerprints to the WAF (#7591 - @manuel-alvarez-alvarez)
• 🐛 Fix Exploit Prevention capability announcement on remote config (#7586 - @smola)
• 🧹 Extract EventTracker logic to the appsec module (#7554 - @manuel-alvarez-alvarez)
• Add LFI exploit prevention support (#7487 - @jandro996)

Continuous Integration Visibility

• Use remote service to get CI provider info when configured to do so (#7689 - @nikita-tkachenko-datadog)
• ✨ Add CPU count tag to Test Visibility events (#7659 - @nikita-tkachenko-datadog)
• 🐛 Fix tracing skipped suites in MUnit 1.0.1 (#7605 - @nikita-tkachenko-datadog)
• Add pull_request extra tags for GitHub Actions (#7604 - @nikita-tkachenko-datadog)
• Set test session name on test/suite/module/session events (#7603 - @nikita-tkachenko-datadog)
• ITR code coverage support (#7367 - @nikita-tkachenko-datadog)

Dynamic Instrumentation

• Update Code Origin span tags (#7685 - @shatzi)
• Fix duplicated locals with arguments (#7683 - @jpbempel)
• 🐛 Fix number typing used in maps (#7676 - @jpbempel)
• 🐛 Fix evaluation errors sampling (#7656 - @jpbempel)
• Fix message for snapshots with evaluation errors (#7653 - @jpbempel)
• ✨ Add File and Path as string primitive (#7652 - @jpbempel)
• Refactor DI startup to make Exception Replay can be started up alone (#7648 - @jpbempel)
• Add Exception Replay config parameters (#7647 - @jpbempel)
• Add support of spring boot nested jar for SymDB (#7635 - @jpbempel)
• Fix local var hoisting (#7624 - @jpbempel)
• Implement the DebuggerProbe (#7588 - @evanchooly)
• ✨ Add support for Optional(Int|Double|Long) (#7581 - @jpbempel)
• Add exception_hash tag for span (#7574 - @jpbempel)
• ✨ Add watches support through probe tags (#7573 - @jpbempel)
• 🐛 Fix span decoration probe EMITTING status (#7569 - @jpbempel)
• 🐛 Add git commit sha and repostiory url in snapshot (#7566 - @jpbempel)
• ✨ Send telemetry log when Probe status queue is full (#7557 - @jpbempel)
• ✨ Add collection of local var for method probe (#7548 - @jpbempel)
• Add smoke test for Exception Replay (#7504 - @jpbempel)

GraalVM native-image

• 🐛 Enable profiling startForceFirst silently for native image builds (#7555 - @MattAlp)

Profiling

• Bump profiler to 1.15.0 (#7682 - @MattAlp)
• 🐛 delay closing profiling state when scope reference count > 1 (#7639 - @richardstartin)
• Add JFR queuetime threshold to recording settings (#7609 - @richardstartin)
• 🐛 Enable profiling startForceFirst silently for native image builds (#7555 - @MattAlp)
• ✨ Improves info around smap parsing success/failure (#7461 - @MattAlp)

Telemetry

• Improved stack trace reporting via telemetry (#7632 - @ValentinZakharov)
• ✨ Enable telemetry logs by default (#7631 - @smola)

Tracer core

• ✨ Mute internal process start (#7572 - @PerfectSlayer)

Tracer internal logging

• Improved stack trace reporting via telemetry (#7632 - @ValentinZakharov)

Instrumentations

Akka instrumentation

• ✨ Add akka-http client 10.6+ support (#7680 - @amarziali)

Apache Spark instrumentation

• ✨ Add spark.stage details attribute at the end of the stage (#7608 - @paul-laffon-dd)

AWS Lambda instrumentation

• ✨ Parse 128 bit trace Id retuned by lambda extension (#7620 - @agocs)

Eclipse Vert.x instrumentation

• 🐛 Vertx: wrap internal routes to let the context propagate for blocking handlers (#7563 - @amarziali)

GraphQL instrumentation

• 🐛 prevent errors when dealing with MinimalStage in graphql (#7560 - @vandonr)

gRPC instrumentation

• make it possible to disable gRPC message spans (#7642 - @richardstartin)

JDBC instrumentation

• ✨ Add support for Intersystems IRIS jdbc driver (#7607 - @amarziali)

OpenTelemetry instrumentation

• ✨ Support addEvent Otel API (#7408 - @mtoffl01)

Reactor instrumentation

• Test Reactor Core latest versions (#7595 - @amarziali)

Redis instrumentation

• 🐛 Make redisson tracing the full request (#7571 - @amarziali)

Spring instrumentation

• 🐛 Spring scheduling: ensure spans have no parent (#7583 - @amarziali)

All other instrumentations

• ✨ Improve context propagation for rxjava1 observables (#7686 - @amarziali)
• ✨ Google PubSub: implement switchable legacy tracing mode (#7564 - @amarziali)
• 🐛 Tibco BW 5: fix child process parentship (#7414 - @amarziali)

1.39.1

Components

Application Security Management (WAF)

• 🐛 Fix Exploit Prevention capability announcement on remote config (#7670 - @smola)
• 🐛 Update libsqreen library to 11.0.1 fixing fingerprint generation (#7669 - @smola)
• 🐛 Fix NPE in RASP metrics (#7668 - @smola)
• ✨ Reduce log level for "WAF object had not been closed" (#7667 - @smola)

Dynamic Instrumentation

• 🐛 Add support of spring boot nested jar for SymDB (#7678 - @jpbempel)

Profiling

• ✨ Bump profiler to 1.15.0 (#7671 - @MattAlp)

1.39.0

Components

Application Security Management (IAST)

• 🐛 Do not skip ErrorReportValve.report in any case (#7489 - @smola)
• ✨ Suppress internal exceptions in tomcat stacktrace leak detection (#7488 - @smola)
• 🐛 Add exclusions for openid4java and seasar frameworks (#7417 - @manuel-alvarez-alvarez)
• Add detection of untrusted deserialization in snakeyaml library (#7406 - @Mariovido)
• ✨ Fix progagation for Untrusted Deserialization vulnerability (#7374 - @Mariovido)
• Map JSP stack traces to file names (#7005 - @jandro996)

Application Security Management (WAF)

• Free AppSecRequestContext resources when the request ends (#7535 - @manuel-alvarez-alvarez)
• 🐛 Make RASP addresses ephemeral (#7529 - @manuel-alvarez-alvarez)
• ✨ Set DD_APPSEC_RASP_ENABLED to true by default (#7528 - @smola)
• 🐛 Fix call depth counter for sqli blocking (#7522 - @ValentinZakharov)
• Enable WAF generate_stack action by default (#7518 - @smola)
• ✨ Remove warning whenever we receive an unknown WAF address (#7482 - @smola)
• Add fingerprint support to the WAF (#7436 - @manuel-alvarez-alvarez)
• Upgrade to AppSec rules v1.13.0 (#7424 - @manuel-alvarez-alvarez)
• Add support for suspicious attacker blocking to appsec (#7401 - @manuel-alvarez-alvarez)
• Exploit prevention for SSRF (in java.net.URL) (#7373 - @manuel-alvarez-alvarez)

Cloud Workload Security (CWS)

• Make cws-tls use the same JNA dependency as instrumentations (#7412 - @bantonsson)

Continuous Integration Visibility

• 🐛 Fix Gradle Daemon process detection (#7524 - @nikita-tkachenko-datadog)
• 🧹 Split Gradle instrumentations into different modules (#7523 - @nikita-tkachenko-datadog)
• 🐛 Implement a fallback method for getting effective JVM for Maven Surefire executions (#7493 - @nikita-tkachenko-datadog)
• 🐛 Fix Cucumber JUnit 4 instrumentation to support empty scenario names (#7470 - @nikita-tkachenko-datadog)
• Implement telemetry and global per-JVM limit for auto test retries (#7458 - @nikita-tkachenko-datadog)
• 🐛 Fix Cucumber JUnit 4 instrumentation to correctly handle feature and scenario names with brackets (#7446 - @nikita-tkachenko-datadog)
• 🐛 Fix Gradle instrumentation to support v8.10 (#7443 - @nikita-tkachenko-datadog)
• 🐛 Fix Maven instrumentation to support command-line plugin goals invocation (#7430 - @nikita-tkachenko-datadog)

Crash tracking

• Make the warning in ScriptInitializer less scary (#7514 - @jbachorik)
• 🧹 Improving crash tracking script initialization error handling (#7427 - @PerfectSlayer)
• 🐛 Fix crash-tracking uploader script overwrite warning (#7386 - @jbachorik)

Data Streams Monitoring

• ⚡ Don't recompute DSM pathway hash for known tags (#7307 - @vandonr)

Database Monitoring

• Full mode for SQL Server (#7186 - @nenadnoveljic)

Dynamic Instrumentation

• 🐛 Fix concurrent modification (#7469 - @jpbempel)
• 🐛 Fix considering directory as jar file (#7459 - @jpbempel)
• ✨ Add exclusion predefined redaction keywords (#7457 - @jpbempel)
• 🐛 fix freeze context only for capturing line probe (#7456 - @jpbempel)
• 🐛 Fix SymDB upload dropped requests (#7442 - @jpbempel)
• ✨ Add protobuf collections as safe ones (#7438 - @jpbempel)
• 🐛 Fix Fingerprinter thread safety (#7429 - @jpbempel)
• 🐛 Add modifiers for extracting symbols (#7420 - @jpbempel)
• ✨ Add support for enum value comparison (#7418 - @jpbempel)

GraalVM native-image

• Avoid RemoteHostnameAdder.config resolution error when building Quarkus native images (#7480 - @mcculls)
• Fix ClassNotFoundException: net.jpountz.lz4.LZ4JavaSafeCompressor when instrumenting Kafka 3.7 with Quarkus native (#7404 - @mcculls)
• Fix unresolved field error when instrumenting Kafka 3.7 with Quarkus native (#7403 - @mcculls)

JMX fetch

• Bump JmxFetch to 0.49.4 (#7501 - @amarziali)

Metrics

• Bump integrations-core submodule to 7.55.3 (#7416 - @mcculls)

Profiling

• Log a warning when profiling enablement is misconfigured. (#7511 - @jbachorik)
• Emit recording setting events for SSI details (#7507 - @jbachorik)
• 🐛 Update ddprof to 1.13.0 (#7471 - @r1viollet)
• Allow subsampling the liveheap profiling data (#7380 - @jbachorik)

Telemetry

• 🔍 Enable telemetry logs for services using AppSec (#7534 - @smola)
• 🔍 Enable telemetry logs for a subset of Java versions (#7475 - @PerfectSlayer)
• Tag span metrics with 'otel.library' when we know it was created by an OTel extension (#7463 - @mcculls)
• ✨ Reduce telemetry log messages per minute to 10 (#7410 - @smola)
• ✨ Add Otel env var telemetry (#7391 - @cecile75)
• ✨ Add telemetry app product change message (#7348 - @jandro996)
• Adding InitializationTelemetry - e.g. guard rails reporting (#7287 - @dougqh)

Trace context propagation

• ✨ Use W3C Trace Context trace ID as parent ID regardless of propagation style order (#7355 - @mtoffl01)

Tracer core

• 🐛 Avoid using stdout to report bootstrapping errors (#7432 - @PerfectSlayer)
• Add _dd.tracer_host to local root spans (#7388 - @amarziali)

Instrumentations

Apache Spark instrumentation

• Allow instrumented Spark trace linked to Openlineage originated context (#7450 - @yiliangzhou)

Armeria Instrumentation

• OpenTelemetry drop-in fixes for Armeria HTTP (#7498 - @mcculls)

AWS SDK instrumentation

• Avoid NullPointerException when publishing SNS messages to phone numbers (#7448 - @mcculls)

gRPC instrumentation

• 🐛 Fix grpc server error mark (#7505 - @amarziali)

JDBC instrumentation

• 🐛 Don't leak calldepth threadlocal on statements (#7472 - @amarziali)
• 🐛 Do not leak call depth threadlocal in jdbc instrumentation (#7468 - @amarziali)
• 🐛 Fix exception handling for SQL Server full mode (#7405 - @nenadnoveljic)
• Full mode for SQL Server (#7186 - @nenadnoveljic)

OpenTelemetry instrumentation

• OpenTelemetry drop-in fixes for Apache Pulsar (#7500 - @mcculls)
• OpenTelemetry drop-in fixes for Apache Dubbo (#7499 - @mcculls)
• OpenTelemetry drop-in fixes for Armeria HTTP (#7498 - @mcculls)
• Tag span metrics with 'otel.library' when we know it was created by an OTel extension (#7463 - @mcculls)
• OpenTelemetry drop-in fixes for r2dbc (#7444 - @mcculls)

All other instrumentations

• OpenTelemetry drop-in fixes for Apache Pulsar (#7500 - @mcculls)
• OpenTelemetry drop-in fixes for Apache Dubbo (#7499 - @mcculls)
• 🐛 Apache http client 4: do not copy all request headers on redirect (#7483 - @amarziali)
• 🐛 Avoid finishing twice a servlet 3 async dispatch span (#7395 - @amarziali)

Other changes

• Bump byte-buddy to 1.14.18 (#7415 - @mcculls)

1.38.1

Components

Application Security Management (IAST)

• 🐛 Add exclusions for openid4java and seasar frameworks (#7423 - @manuel-alvarez-alvarez)

Continuous Integration Visibility

• 🐛 Fix Cucumber JUnit 4 instrumentation to correctly handle feature and scenario names with brackets (#7447 - @nikita-tkachenko-datadog)
• 🐛 Fix Maven instrumentation to support command-line plugin goals invocation (#7431 - @nikita-tkachenko-datadog)

Dynamic Instrumentation

• 🐛 Fix Fingerprinter thread safety (#7434 - @jpbempel)

GraalVM native-image

• 🐛 Fix ClassNotFoundException: net.jpountz.lz4.LZ4JavaSafeCompressor when instrumenting Kafka 3.7 with Quarkus native (#7422 - @mcculls)
• 🐛 Fix unresolved field error when instrumenting Kafka 3.7 with Quarkus native (#7421 - @mcculls)

Tracer core

• 🐛 Avoid using stdout to report bootstrapping errors (#7433 - @PerfectSlayer)
• Add _dd.tracer_host to local root spans (#7426 - @amarziali)

Instrumentations

AWS SDK instrumentation

• 🐛 Avoid NullPointerException when publishing SNS messages to phone numbers (#7449 - @mcculls)

OpenTelemetry instrumentation

• OpenTelemetry drop-in fixes for r2dbc (#7445 - @mcculls)

1.38.0

Potentially Breaking Changes

Warning

When setting up the client library using the Single Step Instrumentation feature (SSI), the library will now check the presence of multiple Java Virtual Machine (JVM) agents and won't install it if is not the only one.
This behavior can be disabled by forcing the injection using the DD_INJECT_FORCE environment variable to TRUE.

Components

Application Security Management (IAST)

• Improve SSRF detection in apache http client (#7359 - @manuel-alvarez-alvarez)
• Add Untrusted Deserialization vulnerability (#7345 - @Mariovido)
• 🐛 Fix session rewriting false positives (#7323 - @jandro996)
• Create new ranges for vulns to prevent GC issues (#7309 - @manuel-alvarez-alvarez)
• Update URI and URL call sites for precise taint tracking (#7299 - @manuel-alvarez-alvarez)

Application Security Management (WAF)

• ✨ Upgrade to libddwaf 1.19.0 (libddwaf-java 10.1.0) (#7369 - @ValentinZakharov)
• Report telemetry metrics for Exploit Prevention (#7314 - @ValentinZakharov)
• Report span metrics for Exploit Prevention (#7273 - @ValentinZakharov)
• Exploit prevention for SQL injection (blocking support) (#7231 - @ValentinZakharov)
• Add remote config support for auto user id collection mode (#7205 - @manuel-alvarez-alvarez)
• Use three modes for auto user id collection: identification (default), anonymization and disabled (#7135 - @manuel-alvarez-alvarez)

Build & Tooling

• Use unified Gitlab pipeline for APM libraries (#7151 - @randomanderson)

Cloud Workload Security (CWS)

• Switch to 128-bit trace ID tracking (#7259 - @spikat)

Configuration at Runtime

• Add remote config support for auto user id collection mode (#7205 - @manuel-alvarez-alvarez)

Continuous Integration Visibility

• 🐛 Fix built-in retries tracking in Karate framework (#7379 - @nikita-tkachenko-datadog)
• 🐛 Fix package resolution for non-Java source files (#7356 - @nikita-tkachenko-datadog)
• 🐛 Fix null JvmInfo exception in Maven instrumentation (#7354 - @nikita-tkachenko-datadog)
• 🐛 Fix tracer freeze when CI Visibility is enabled (#7325 - @nikita-tkachenko-datadog)
• 🐛 Fix Gradle v8.9 instrumentation (#7319 - @nikita-tkachenko-datadog)
• ⚡ Optimize per-test code coverage (#7315 - @nikita-tkachenko-datadog)
• Refactor buffering of pending traces for CI Visibility (#7207 - @nikita-tkachenko-datadog)

Crash tracking

• Add severity tag to crash upload (#7375 - @jbachorik)

Data Streams Monitoring

• Separate manual & automatic checkpoints when aggregating (#7351 - @piochelepiotr)
• Add pathway propagation for SNS (#7341 - @nayeem-kamal)
• Add tag to differentiate manually created checkpoints (#7331 - @piochelepiotr)

Dynamic Instrumentation

• Add support for any/all (#7346 - @jpbempel)
• 🐛 Fix exception thrown for distribution metric (#7344 - @jpbempel)
• Add Set support for hasAny/hasAll expression (#7340 - @jpbempel)
• ✨ Extend contains EL expression (#7337 - @jpbempel)
• Fix EL function behavior for null values (#7328 - @jpbempel)
• 🐛 Fix instanceof as predicate for value expression (#7313 - @jpbempel)
• ⚡ Add high rate queue for log template snapshots (#7310 - @jpbempel)
• Fix service version and sanitize tags (#7293 - @ojung)
• Implement debug context propagation to enable live debugging of java applications (#7286 - @evanchooly)
• ⚡ Remove explicit capture of fields (#7282 - @jpbempel)
• ⚡ Move snapshot UUID generation at serialization (#7280 - @jpbempel)
• Serialize restricted collections as regular object (#7274 - @jpbempel)
• Fix mixing log/span decoration probes (#7246 - @jpbempel)

JMX fetch

• Support Websphere JMX admin metrics (#7235 - @amarziali)

Library Injection

• ✨⚠️ Add lib-injection multiple JVM agents guardrails (#7122 - @PerfectSlayer)

Profiling

• Capture the auto-injection related settings in JFR recording (#7317 - @jbachorik)
• Track JVM RSS in JDK 21+ (#7227 - @MattAlp)

Tracer core

• Refactor buffering of pending traces for CI Visibility (#7207 - @nikita-tkachenko-datadog)
• ✨ Add tracer log file to tracer flare when datadog.slf4j.simpleLogger.logFile is NOT defined (#7085 - @cecile75)

Instrumentations

Apache Spark instrumentation

• ✨ Add Parameter to only inject data jobs for particular java commands (#7366 - @paul-laffon-dd)
• Add shutdown hook to finish the spark application trace (#7357 - @paul-laffon-dd)
• Use spark application name when service is set to hadoop (#7294 - @paul-laffon-dd)

AWS SDK instrumentation

• 🐛 Fix parsing of binary datadog headers in SQS (#7324 - @vandonr)
• 🐛 Remove binary _datadog attribute if present in JMS SQS instrumentation to avoid crash (#7283 - @vandonr)

GraphQL instrumentation

• 🐛 Fix advices for GraphQl 22+ (#7295 - @amarziali)

Jetty instrumentation

• 💡 Support jetty client 12 (#7305 - @amarziali)

Spring instrumentation

• 🐛 Rollback wrapping of runnables on each schedule for Spring Scheduling (#7290 - @amarziali)

All other instrumentations

• ✨ Fetch uri information correctly when httphost argument is null (#7276 - @abagavat - thanks for the contribution!)

1.37.1

Components

Continuous Integration Visibility

• 🐛 Fix Gradle v8.9 instrumentation (#7336 - @nikita-tkachenko-datadog)
• 🐛 Fix tracer freeze when CI Visibility is enabled (#7335 - @nikita-tkachenko-datadog)

1.37.0

Components

Application Security Management (WAF)

• 🐛 Add missing appsec propagation tag on appsec events (#7262 - @jandro996)
• 🐛 Set appsec.blocked in local root span (#7251 - @smola)

Continuous Integration Visibility

• 🐛 Fix -DargLine propagation for Maven builds (#7269 - @nikita-tkachenko-datadog)
• Update default versions of DD Javac plugin and Jacoco plugin used by CI Visibility (#7248 - @nikita-tkachenko-datadog)
• 🐛 Fix language detection logic (#7245 - @nikita-tkachenko-datadog)

Crash tracking

• Add support for sending OOME events (#7253 - @jbachorik)

Profiling

• Collapse wall samples by default (#7272 - @richardstartin)
• Add support for 'auto' value in DD_PROFILING_ENABLED (#7264 - @jbachorik)
• Add support for sending OOME events (#7253 - @jbachorik)

Instrumentations

Apache Spark instrumentation

• Capture all spark conf parameter (#7242 - @paul-laffon-dd)

JMS instrumentation

• ✨ Trace JMS Queue and Topic producers when destination is explicit (#7266 - @amarziali)

All other instrumentations

• Add ServiceTalk async context propagation instrumentation (#7241 - @ygree)
• 🧪 Instrument Tibco BusinessWorks 5 and 6 (#7155 - @amarziali)

1.36.0

Components

Application Security Management (IAST)

• Add builder for vulnerability types and fix insecure auth protocol (#7216 - @manuel-alvarez-alvarez)

Application Security Management (WAF)

• Apply appsec rate limiter on event instead of when request end (#7221 - @jandro996)
• Preserve original types before passing data to the WAF (#7220 - @smola)
• Set _dd.p.dm to -5 for IAST and AppSec spans (#7219 - @jandro996)
• Update missing RFC parts for user event tacking (#7213 - @manuel-alvarez-alvarez)
• Upgrade to AppSec rules v1.12.0 (#7192 - @ValentinZakharov)
• Collect and report RASP events (+Stack traces) (#7162 - @ValentinZakharov)
• Add grpc.server.method to WAF addresses with FQN of the grpc method (#7079 - @manuel-alvarez-alvarez)
• Add standalone ASM billing support (#7040 - @jandro996)

Continuous Integration Visibility

• Do not report code coverage for skipped tests (#7244 - @nikita-tkachenko-datadog)
• 🐛 Fix TestNG tracing for parameterized tests that modify parameters (#7226 - @nikita-tkachenko-datadog)
• Add more metrics and tags to CI Visibility telemetry (#7223 - @nikita-tkachenko-datadog)
• 🧹 Replace string constants with a dedicated enum for test statuses (#7218 - @nikita-tkachenko-datadog)
• Ignore exception when trying to remove Git data upload shutdown hook during JVM shutdown (#7204 - @nikita-tkachenko-datadog)
• Do not include system-properties in test session command tag (#7187 - @nikita-tkachenko-datadog)

Data Streams Monitoring

• Add Avro instrumentation for schema tracking (#7236 - @nayeem-kamal)

Dynamic Instrumentation

• 🐛 Fix debugger batch upload URL when using UDS (#7166 - @mcculls)

Metrics

• Bump JMXFetch to 0.49.2 (#6935 - @carlosroman)

Profiling

• Update ddpfrof to 1.9.0 (#7229 - @jbachorik)
• Enable timeline events by default when ddprof disabled (#7224 - @richardstartin)
• Add configuration parameter for GC generation count tracking (#7210 - @jbachorik)

Testing

• Fix spring-messaging tests (#7157 - @amarziali)

Tracer internal logging

• 🐛 Start Datadog appender when doing agentless log submission for Log4j2 (#7160 - @nikita-tkachenko-datadog)
• Support DD_LOG_LEVEL (#7159 - @mcculls)

Instrumentations

AWS SDK instrumentation

• 🐛 Do not modify readonly message attributes map on SNS integration (#7150 - @vandonr)

Kafka instrumentation

• 🐛 Fix NPE when kafka consumer info is not available (#7190 - @amarziali)

OpenTelemetry instrumentation

• Improve config mapping for OpenTelemetry extensions (#7193 - @mcculls)
• Map OpenTelemetry environment variables to their Datadog equivalents (#7184 - @mcculls)
• Add more tests about OpenTelemetry attributes conventions (#7163 - @PerfectSlayer)
• Map OpenTelemetry muzzle references to Datadog equivalent (#7142 - @mcculls)
• Map OpenTelemetry VirtualField to Datadog ContextStore (#7129 - @mcculls)

All other instrumentations

• Avro instrumentation for schema tracking (#7236 - @nayeem-kamal)
• 🐛 Fix Protobuf schema sampling logic (#7197 - @piochelepiotr)
• Support graphql 22 (#7176 - @amarziali)

1.35.2

Components

Application Security Management (IAST)

• 🐛 Removed scala converter lambdas and ensure they are added as helpers (#7168 - @manuel-alvarez-alvarez)

Dynamic Instrumentation

• 🐛 Fix debugger batch upload URL when using UDS (#7167 - @mcculls)

Tracer internal logging

• Support DD_LOG_LEVEL (#7169 - @mcculls)

Instrumentations

AWS SDK instrumentation

• 🐛 SNS integration: do not modify readonly message attributes map (#7174 - @vandonr)

Kafka instrumentation

• 🐛 Fix NPE when kafka consumer info is not available (#7195 - @amarziali)

OpenTelemetry instrumentation

• Improve config mapping for OpenTelemetry extensions (#7194 - @mcculls)
• Map OpenTelemetry environment variables to their Datadog equivalents (#7185 - @mcculls)
• Map OpenTelemetry muzzle references to Datadog equivalent (#7172 - @mcculls)
• Map OpenTelemetry VirtualField to Datadog ContextStore (#7171 - @mcculls)

Log4J2 instrumentation

• 🐛 Start Datadog appender when doing agentless log submission for Log4j2 (#7180 - @nikita-tkachenko-datadog)