Releases: DataDog/dd-trace-php
0.89.0
This release adds timeline support to the profiler. This is off by default. Enable it with the environment variable DD_PROFILING_EXPERIMENTAL_TIMELINE_ENABLED=1
or INI setting datadog.profiling.experimental_timeline_enabled=1
.
Added
- Add horizon as artisan queue command #2124 Thanks, @markwalet.
- Add network destination name to http client spans #2134
- Add automated Laravel user tracking events #2100
- Add DD_HTTP_SERVER_ROUTE_BASED_NAMING config to enforce resources #2138
Fixed
- Fix a memory leak when overriding default arguments in install_hook (PHP7.2-) #2107
- Generate runtime-id on first request #2137
- Better GC workaround on PHP 7.3 and below for cycle collected span stacks #2123
- Use proper variable for php-config #2114
- Generate runtime-id on first request #2137
Internal Changes
- Add note about cargo in README, make debug symbols included by default for manual compilation #2110
Profiling
Added
- Add timeline support #1997, #2108
- Add endpoint counts #2111
- Add file compilation times to timeline #2119
Internal changes
- ci: add stack walking benchmark #2041, #2133, #2136
- build: bump indexmap to v2.0.0 #2127
- build: bump bindgen to 0.66.1 #2128
Application Security Management (0.10.0)
Added
- Add automated user login events DataDog/dd-appsec-php#272
- Add sign up event DataDog/dd-appsec-php#275
Fixed
- Persist top-most root span from RINIT DataDog/dd-appsec-php#273
Internal Changes
- Rename system-test scenario DataDog/dd-appsec-php#271
- Support multiple traces and spans but provide only the root span on integration tests DataDog/dd-appsec-php#274
- Set libddwaf as git
safe.directory
onbuild package
step DataDog/dd-appsec-php#276
0.88.1
0.88.0
Added
- Add support for environment variable syntax to config mode in datadog-setup.php #2050
Changed
- Use span links in the RabbitMQ Integration #2092
- Disable root span generation and removes orphans for Laravel Horizon #2091
Fixed
- datadog-setup.php: remove return types for compatibility with PHP 5 #2059 Thanks @dserodio!
- Work around fiber->execute_data only being correct upon yielding #2072
- Skip error assignment on the root span for 5xx errors that shouldn't be reported #2089
- Ensure no crashes happen with multiple observers installed #2093
- Fix incorrect offset access in Laminas Integration #2094
Internal Changes
- build: delete unused C components #2055
- build: bump cmake and catch2 versions #2056
- build: reduce Laravel queues' tests flakiness #2057
- testing: add snapshot testing #2058
- build: pin guzzlehttp/promises to ^1.5.3 #2071
- Update removed methods used in Guzzle V6 & V7 test suites #2073
- build: drop now-unused uuid component #2096
- Prepare instrumentation telemetry #2029, #2086, #2099
- build: Add rebuild with ASAN section to randomized tests README.md #2084
Profiling
Allocation profiling is now enabled by default. You can manage it using the DD_PROFILING_ALLOCATION_ENABLED
environment variable or the datadog.profiling.allocation_enabled
setting in the INI file. Although the DD_PROFILING_EXPERIMENTAL_ALLOCATION_ENABLED
environment variable and datadog.profiling.experimental_allocation_enabled
INI setting still work, the new ones take precedence.
Added
Fixed
- fixed segfault in test suite #2077
Internal changes
- move allocation profiling to its own module #2090
Application Security Management (0.9.0)
Fixed
- Use /proc/self/fd to avoid rlimit iteration starvation DataDog/dd-appsec-php#265
Internal changes
- Update ruleset to 1.7.1 and libddwaf to 1.11.0 DataDog/dd-appsec-php#267
- Update fuzzer corpus DataDog/dd-appsec-php#268
0.87.2
Application Security Management (0.8.1)
Fixed
- Remove max payload size on remote config calls DataDog/dd-appsec-php#256
- Improve output of phpinfo DataDog/dd-appsec-php#259
- Avoid emitting errors when blocking on RSHUTDOWN DataDog/dd-appsec-php#261
- Improve RSHUTDOWN blocking and add logging DataDog/dd-appsec-php#264
0.87.1
0.87.0
Added
- Add config mode to datadog-setup.php #1951
- Add file hooking to DDTrace\install_hook #1989
- Allow DDTrace\install_hook to take any callable #1991
- Add Laminas integration #1990
- Add php-amqp integration #1996
- Add Laravel Queue integration with Span Links #2026
- Add SQLSRV Integration #2031
- Implement replacing of return values #2018
Changed
- Allow for consuming an array via DDTrace\consume_distributed_tracing_headers #2010
- Allow DDTrace\install_hook to take any callable #1991
- Do not force cycle collection at runtime on flush by default #2046
Fixed
- Add fixes for parametric testsuite #1988
- Fix exceptions and errors in auto_prepend_file #1987
- [Yii] Do not use module property if it doesn't exist #1999
- Load API files relative to the ComposerBootstrap.php instead of the ddtrace autoloader #2013
- Avoid side effects from errors within the sandbox #2015
- Prevent execution of install_hook() hooks after disabling tracer #2016
- Fix install_hook on functions returning by-reference #2017
- Fix #2012: Remove PHP 7-only types from signatures #2021 Thanks, @jmakuc, for reporting the issue.
- Ensure internal server errors are set on the root span in Laravel #2026
- Starting multiple traces in parallel does not confuse the limiter #2026
- Fix #2030: Segmentation fault with autoloaders bailing out #2037 Thanks, @NickStallman, for reporting the issue.
- Possible segfault when instrumenting
curl_setopt()
in PHP 7 #2039 - Fix resolving hooks within files declaring many functions on PHP 7.2 - 8.1 #2045
Internal changes
- Increase the number of configuration entries in zai config #2020
- Reduce the allocated heap size of the elasticsearch7 container #2040
Profiling
The profiling version number is now in sync with the tracer for stable releases.
Changed
- Sync profiling version number with tracer #1992
- refactor: move upscaling to
libdatadog
#1984 - perf: raise sampling distance for allocations to 2048 KB #2036
Fixed
- Fix crashes when allocation sampling occurs in certain places #2039
Internal changes
Application Security Management (0.8.0)
Fixed
- Amend issue when getting agent host and port DataDog/dd-appsec-php#230
- Flush socket on body limit DataDog/dd-appsec-php#233
- Set appsec disabled when ddtrace is not enabled DataDog/dd-appsec-php#245
- Cap retry to five minutes rc polling DataDog/dd-appsec-php#246
- Avoid updating waf when no updates provided on poll DataDog/dd-appsec-php#250
Added
- Custom rules support DataDog/dd-appsec-php#235
- Engine update batcher DataDog/dd-appsec-php#248
Changed
- Refactor capabilities DataDog/dd-appsec-php#227
- Refactor service DataDog/dd-appsec-php#229
- Update ip algorithm DataDog/dd-appsec-php#237
- Handle request-lifecycle atomically DataDog/dd-appsec-php#249
- Update-only engine listener and atomic config handling DataDog/dd-appsec-php#253
Internal Changes
- Upgrade tracer to 0.85.0 DataDog/dd-appsec-php#226
- Setup python 3.9 for system tests DataDog/dd-appsec-php#228
- Update WAF to 1.9.0, Ruleset to 1.6.0 and Tracer to 0.86.1 DataDog/dd-appsec-php#234
- Disable apache2 restart test on ZTS DataDog/dd-appsec-php#236
- Implement abstract methods of listener on test DataDog/dd-appsec-php#239
- Add test to ensure path parser does not count on /config ending DataDog/dd-appsec-php#240
- Update ruleset to 1.7.0 DataDog/dd-appsec-php#252
- Update html blocked template DataDog/dd-appsec-php#254
- Upgrade WAF to 1.10.0 and add custom_rules capability DataDog/dd-appsec-php#255
0.86.3
0.86.2
Fixed
- [Tracer][YII] Do not use module property if it doesn't exist #1999
Application Security Monitoring (0.7.1)
Fixed
- Fallback to default agent host and port DataDog/dd-appsec-php#231
- Support
DD_TRACE_AGENT_URL
DataDog/dd-appsec-php#231
0.86.1
0.86.0
⚠ Important: Enabling profiling on this release can crash if your code or any code dependencies use magic methods. Since this is difficult to determine, we recommend avoiding this release and moving to 0.86.1 or newer.
Added
- Add MemcacheIntegration #1981
- Add PSR18 tracing support in any PSR18 ClientInterface #1938
- Collect HTTP POST Data and headers #1971
Fixed
Internal changes
- Include the circleci URL for 1.0.0-nightly installers #1977
Profiling (0.15.0)
Fixed
- Fix issues when preloading and non-root php-fpm user are used #1975
Changed
- perf: speed up stack walking by using function run_time_cache #1949
Internal changes
- Fix system ini handling of invalid values in zai config #1982
Application Security Monitoring (v0.7.0)
Breaking Changes
- Delete
enabled_on_cli
ini setting DataDog/dd-appsec-php#182
Fixed
- Add uid and gid to sock and lock files DataDog/dd-appsec-php#183
Added
- Remote configuration client DataDog/dd-appsec-php#115
- Plug remote config service DataDog/dd-appsec-php#163
- Add
config_sync
helper command DataDog/dd-appsec-php#164 - Add ASM_DATA Product Listener DataDog/dd-appsec-php#188
- IP Blocking DataDog/dd-appsec-php#188
- Redirect support DataDog/dd-appsec-php#195
- Add
request_exec
helper command DataDog/dd-appsec-php#196 - ASM_DD Product Listener DataDog/dd-appsec-php#207
- ASM Product Listener DataDog/dd-appsec-php#210
- Rule Blocking DataDog/dd-appsec-php#210
- Check if RC is available before polling DataDog/dd-appsec-php#212
- User Blocking DataDog/dd-appsec-php#213
Internal Changes
- Support actions and refactor DataDog/dd-appsec-php#184
- Update
engine::subscriber
rule data DataDog/dd-appsec-php#186 - Blocking templates, missing traces fix and set blocking parameters DataDog/dd-appsec-php#187
- Upgrade tracer to v0.84.0 DataDog/dd-appsec-php#193
- Upgrade WAF 1.8.2 DataDog/dd-appsec-php#202
- Add init / commit stage to listeners DataDog/dd-appsec-php#208
- Ruleset 1.5.2 DataDog/dd-appsec-php#213
- Allow new and old default rules file to be loaded DataDog/dd-appsec-php#215
- Fallback to local IP on extraction DataDog/dd-appsec-php#216