Ddtrace

Bug Fixes

- Profiling: This fix resolves an issue where the profiler was forcing protobuf to load in injected environments,
causing crashes in configurations which relied on older protobuf versions. The profiler will now detect when injection is used and try loading with the native exporter. If that fails, it will self-disable rather than loading protobuf.


---

New Features

- kafka: Adds tracing and DSM support for `confluent_kafka.Consumer.consume()`. Previously only <span class="title-ref">confluent_kafka.Consumer.poll</span> was instrumented.

Bug Fixes

- ASM: always clear the DDWaf context at the end of the span to avoid gc-induced latency spikes at the end of some requests.
- internal: This fix resolves an issue where importing the `ddtrace.contrib.botocore.services` module would fail raising an ImportError
- setuptools_scm version: Updates the setuptools_scm versioning method to "guess-next-dev" from "release-branch-semver", which was affecting the CI
- structlog: Fixes error where multiple loggers would duplicate processors. Also adds processors injection when resetting to defaults.


---

Bug Fixes

- Code Security: This fix solves an issue with fstrings where formatting was not applied to int parameters


---

Bug Fixes

- internal: This fix resolves an error regarding the remote config module with payloads missing a `lib_config` entry
- Code Security: Ensure that when tainting the headers of a Flask application, iterating over the headers (i.e., with <span class="title-ref">headers.items()</span>) does not duplicate them.
- pymongo: this resolves an issue where the library raised an error in `pymongo.pool.validate_session`


---

Bug Fixes

- ASM: This fix resolves an issue where django login failure events may send wrong information of user existence.
- Code Security: fix setting the wrong source on map elements tainted from <span class="title-ref">taint_structure</span>.
- datastreams: Changed DSM processor error logs to debug logs for a statement which is retried. If all retries fail, the stack trace is included
- Code Security: Fixes an issue where the AST patching process fails when the origin of a module is reported as None, raising a `FileNotFoundError`.
- CI Visibility: fixes an issue where tests were less likely to be skipped due to ITR skippable tests requests timing out earlier than they should
- internal: This fix resolves an issue where importing the `ddtrace.contrib.botocore.services` module would fail raising an ImportError
- starlette: Fix a bug that crashed background tasks started from functions without a <span class="title-ref">\_\_name\_\_</span> attribute
- Code Security: Fixed an issue with AES functions from the pycryptodome package that caused the application to crash and stop.
- Code Security: This fix addresses an issue where tainting objects may fail due to context not being created in the current span.
- Code Security: Some native exceptions were not being caught correctly by the python tracer. This fix remove those exceptions to avoid fatal error executions.
- ASM: This fix removes unrequired API security metrics.
- structlog: Fixes error where multiple loggers would duplicate processors. Also adds processors injection when resetting to defaults.

---

Bug Fixes

- propagation: This fix resolves an issue where the sampling decision-maker tag in tracestate propagation headers was clobbered by a default value.
- langchain: Ensures langchain vision APIs are correctly instrumented
- ASM: This fix resolves an issue where the asgi middleware could crash with a RuntimeError "Unexpected message received".
- kafka: This fix resolves an issue where `None` messages from confluent-kafka could cause crashes in the Kafka integration.


---