dd-trace 2.35.1 → 2.37.0

package/LICENSE-3rdparty.csv

@@ -6,6 +6,8 @@ require,@datadog/native-iast-taint-tracking,Apache license 2.0,Copyright 2018 Da
 require,@datadog/pprof,Apache license 2.0,Copyright 2019 Google Inc.
 require,@datadog/sketches-js,Apache license 2.0,Copyright 2020 Datadog Inc.
 require,@types/node,MIT,Copyright Authors
+require,@opentelemetry/api,Apache license 2.0,Copyright OpenTelemetry Authors
+require,@opentelemetry/core,Apache license 2.0,Copyright OpenTelemetry Authors
 require,crypto-randomuuid,MIT,Copyright 2021 Node.js Foundation and contributors
 require,diagnostics_channel,MIT,Copyright 2021 Simon D.
 require,ignore,MIT,Copyright 2013 Kael Zhang and contributors

package/MIGRATING.md

@@ -4,6 +4,164 @@ This guide describes the steps to upgrade dd-trace from a major version to the
 next. If you are having any issues related to migrating, please feel free to
 open an issue or contact our [support](https://www.datadoghq.com/support/) team.
 
+## 3.0 to 4.0
+
+### Node 14 is no longer supported
+
+Node.js 14 has reached EOL in April 2023 and is no longer supported. Generally
+speaking, we highly recommend always keeping Node.js up to date regardless of
+our support policy.
+
+### The `orphanable` option was removed
+
+This option was only useful internally for a single integration that has since
+been removed. It was never useful for manual instrumentation since all that is
+needed to orphan a span on creation is to use
+`tracer.trace('web.request', { childOf: null })`.
+
+### Support for `jest-jasmine2` has been removed
+
+The default test runner for Jest was changed to `jest-circus` around 2 years ago and
+is no longer supported by our Jest integration for CI Visibility. We recommend
+switching to `jest-circus` to anyone still using `jest-jasmine2`.
+
+### Support for older Next.js versions was removed
+
+We now support only Next.js 10.2 and up.
+
+### W3C headers are now prioritized over Datadog headers
+
+As we move towards open standards, we have decided to prioritize W3C Trace
+Context headers over our own vendor-specific headers for context propagation
+across services. For most applications this shouldn't change anything and
+distributed tracing should continue to work seamlessly.
+
+In some rare cases it's possible that some of the services involved in a trace
+are not instrumented by Datadog at all which can cause spans within the trace to
+become disconnected. While the data would still be available in the UI, the
+relationship between spans would no longer be visible. This can be addressed by
+restoring the previous behaviour using
+`DD_TRACE_PROPAGATION_STYLE='datadog,tracecontext'`.
+
+## 2.0 to 3.0
+
+### Node 12 is no longer supported
+
+Node.js 12 has been EOL since April 2022 and is no longer supported. Generally
+speaking, we highly recommend always keeping Node.js up to date regardless of our
+support policy.
+
+### HTTP query string reported by default
+
+HTTP query strings are now reported by default as part of the `http.url` tag.
+This change is considered breaking only because there might be sensitive data
+in the query string. A default regular expression based obfuscator is provided
+for common use cases like API keys, but if your use case is not covered, the
+[DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP](https://datadoghq.dev/dd-trace-js/#tracer-settings)
+environment variable can be used to control what is obfuscated, and a value of
+`.*` would redact the query string entirely.
+
+### HTTP operation name change
+
+The HTTP integration now uses `web.request` for incoming requests and continues
+to use `http.request` for outgoing requests. When using a supported web
+framework like Express, this change will have no effect because the root span
+would already have an operation name override like `express.request`.
+Any [monitor](https://docs.datadoghq.com/monitors/create/types/apm/?tab=apmmetrics)
+on `http.request` for incoming requests should be updated to `web.request`.
+
+With this change, both operation names also appear under the main service name
+and are no longer split between the server service name and a separate client
+service name suffixed with `-http-client`.
+
+### gRPC operation name change
+
+The gRPC integration now uses `grpc.server` for incoming requests and
+`grpc.client` for outgoing requests. Any
+[monitor](https://docs.datadoghq.com/monitors/create/types/apm/?tab=apmmetrics)
+on `grpc.request` should be updated to one of these.
+
+With this change, both operation names also appear under the main service name
+and are no longer split between the server service name and a separate client
+service name suffixed with `-http-client`.
+
+### Removal of `fs` integration
+
+The `fs` integration was removed as it was originally added without an actual
+use case, and it's been problematic ever since. It's noisy, the output is
+confusing when using streams, errors that are handled higher in the stack end up
+being captured, etc.
+
+If you had any use for file system instrumentation, please let us know so we can
+provide an alternative.
+
+### Scope binding for promises and event emitters
+
+It's no longer possible to bind promises using `tracer.scope().bind(promise)` or
+event emitters using `tracer.scope().bind(emitter)`. These were historically
+added mostly for internal use, and changes to context propagation over the years
+made them unnecessary, both internally and externaly. If one of these is used
+anywhere, the call will simply be ignored and no binding will occur.
+
+To bind the `then` handler of a promise, bind the function directly directly:
+
+```js
+promise.then(tracer.scope().bind(handler))
+```
+
+To bind all listeners for an event, wrap the call to `emit` directly instead:
+
+```js
+tracer.scope().activate(span, () => {
+  emitter.emit('event')
+})
+```
+
+To bind individual listeners, bind the listener function directly instead:
+
+```js
+emitter.on('event', tracer.scope().bind(listener, span))
+```
+
+### Removed APIs
+
+The following APIs have been deprecated for a long time and have now been
+completely removed:
+
+- `tracer.currentSpan()`
+- `tracer.bindEmitter()`
+
+Since these have not been recommended nor publicly documented for years at this
+point, there should be no impact as no application is expected to be using them.
+
+### CI Visibility new entrypoints
+
+#### Cypress
+
+`dd-trace/cypress/plugin` and `dd-trace/cypress/support` are removed, so you won't 
+be able to use them for your `cypress` instrumentation. Use `dd-trace/ci/cypress/plugin`
+and `dd-trace/ci/cypress/support` instead for your plugin and support configuration 
+respectively. 
+
+#### Jest
+
+The use of `'dd-trace/ci/jest/env'` in [`testEnvironment`](https://jestjs.io/docs/configuration#testenvironment-string)
+is no longer supported. 
+To instrument `jest` tests now, add `'-r dd-trace/ci/init'` to the `NODE_OPTIONS` environment
+variable passed to the process running the tests, for example, `NODE_OPTIONS='-r dd-trace/ci/init' yarn test`.
+
+#### Mocha
+
+The use of `--require dd-trace/ci/init` as a `mocha` flag is no longer supported. 
+To instrument `mocha` tests now, add `'-r dd-trace/ci/init'` to the `NODE_OPTIONS` environment
+variable passed to the process running the tests, for example, `NODE_OPTIONS='-r dd-trace/ci/init' yarn test`.
+
+#### Cucumber
+
+The use of `--require-module dd-trace/ci/init` as a `cucumber-js` flag is no longer supported.
+To instrument `cucumber-js` tests now, add `'-r dd-trace/ci/init'` to the `NODE_OPTIONS` environment
+variable passed to the process running the tests, for example, `NODE_OPTIONS='-r dd-trace/ci/init' yarn test`.
+
 ## 1.0 to 2.0
 
 ### Configuration

package/README.md

@@ -1,6 +1,7 @@
 # `dd-trace`: Node.js APM Tracer Library
 
-[![npm v3](https://img.shields.io/npm/v/dd-trace/latest?color=blue&label=dd-trace%40v3&logo=npm)](https://www.npmjs.com/package/dd-trace)
+[![npm v4](https://img.shields.io/npm/v/dd-trace/latest?color=blue&label=dd-trace%40v4&logo=npm)](https://www.npmjs.com/package/dd-trace)
+[![npm v3](https://img.shields.io/npm/v/dd-trace/latest-node14?color=blue&label=dd-trace%40v3&logo=npm)](https://www.npmjs.com/package/dd-trace/v/latest-node12)
 [![npm v2](https://img.shields.io/npm/v/dd-trace/latest-node12?color=blue&label=dd-trace%40v2&logo=npm)](https://www.npmjs.com/package/dd-trace/v/latest-node12)
 [![npm dev](https://img.shields.io/npm/v/dd-trace/dev?color=orange&label=dd-trace%40dev&logo=npm)](https://www.npmjs.com/package/dd-trace/v/dev)
 [![codecov](https://codecov.io/gh/DataDog/dd-trace-js/branch/master/graph/badge.svg)](https://codecov.io/gh/DataDog/dd-trace-js)
@@ -28,27 +29,28 @@ Most of the documentation for `dd-trace` is available on these webpages:
 | :---:                                                    | :---:                                                                                                  | :---:    | :---:           | :---:          | :---:       |
 | [`v1`](https://github.com/DataDog/dd-trace-js/tree/v1.x) | ![npm v1](https://img.shields.io/npm/v/dd-trace/legacy-v1?color=white&label=%20&style=flat-square)     | `>= v12` | **End of Life** | 2021-07-13     | 2022-02-25  |
 | [`v2`](https://github.com/DataDog/dd-trace-js/tree/v2.x) | ![npm v2](https://img.shields.io/npm/v/dd-trace/latest-node12?color=white&label=%20&style=flat-square) | `>= v12` | **Maintenance** | 2022-01-28     | 2023-08-15  |
-| [`v3`](https://github.com/DataDog/dd-trace-js/tree/v3.x) | ![npm v3](https://img.shields.io/npm/v/dd-trace/latest?color=white&label=%20&style=flat-square)        | `>= v14` | **Current**     | 2022-08-15     | Unknown     |
+| [`v3`](https://github.com/DataDog/dd-trace-js/tree/v3.x) | ![npm v3](https://img.shields.io/npm/v/dd-trace/latest-node14?color=white&label=%20&style=flat-square) | `>= v14` | **Maintenance** | 2022-08-15     | 2024-05-15  |
+| [`v4`](https://github.com/DataDog/dd-trace-js/tree/v4.x) | ![npm v4](https://img.shields.io/npm/v/dd-trace/latest?color=white&label=%20&style=flat-square)        | `>= v16` | **Current**     | 2023-05-12     | Unknown     |
 
-We currently maintain two release lines, namely `v2` and `v3`.
-Features and bug fixes that are merged are released to the `v3` line and, if appropriate, also the `v2` line.
+We currently maintain three release lines, namely `v2`, `v3` and `v4`.
+Features and bug fixes that are merged are released to the `v4` line and, if appropriate, also the `v2` and `v3` line.
 
-For any new projects it is recommended to use the `v3` release line:
+For any new projects it is recommended to use the `v4` release line:
 
 ```sh
 $ npm install dd-trace
 $ yarn add dd-trace
 ```
 
-However, existing projects that already use the `v2` release line, or projects that need to support Node.js v12, may use the `v2` release line.
+However, existing projects that already use the `v2` or `v3` release lines, or projects that need to support EOL versions of Node.js, may continue to use these release lines.
 This is done by specifying the version when installing the package.
-Note that we also publish to npm using a `latest-node12` tag that can also be used for install:
+Note that we also publish to npm using a `latest-node12` and `latest-node14` tag that can also be used for install:
 
 ```sh
-$ npm install dd-trace@2
-$ yarn add dd-trace@2
-$ npm install dd-trace@latest-node12
-$ yarn add dd-trace@latest-node12
+$ npm install dd-trace@3
+$ yarn add dd-trace@3
+$ npm install dd-trace@latest-node14
+$ yarn add dd-trace@latest-node14
 ```
 
 Any backwards-breaking functionality that is introduced into the library will result in an increase of the major version of the library and therefore a new release line.
@@ -153,6 +155,11 @@ $ yarn lint
 
 ### Experimental ESM Support
 
+> **Warning**
+> 
+> ESM support has been temporarily disabled starting from Node 20 as significant
+> changes are in progress.
+
 ESM support is currently in the experimental stages, while CJS has been supported
 since inception. This means that code loaded using `require()` should work fine
 but code loaded using `import` might not always work.

package/index.d.ts

@@ -2,6 +2,7 @@ import { ClientRequest, IncomingMessage, OutgoingMessage, ServerResponse } from
 import { LookupFunction } from 'net';
 import * as opentracing from "opentracing";
 import { SpanOptions } from "opentracing/lib/tracer";
+import * as otel from "@opentelemetry/api";
 
 export { SpanOptions };
 
@@ -118,6 +119,8 @@ export declare interface Tracer extends opentracing.Tracer {
   setUser (user: User): Tracer;
 
   appsec: Appsec;
+
+  TracerProvider: opentelemetry.TracerProvider;
 }
 
 export declare interface TraceOptions extends Analyzable {
@@ -756,6 +759,7 @@ interface Plugins {
   "elasticsearch": plugins.elasticsearch;
   "express": plugins.express;
   "fastify": plugins.fastify;
+  "fetch": plugins.fetch;
   "fs": plugins.fs;
   "generic-pool": plugins.generic_pool;
   "google-cloud-pubsub": plugins.google_cloud_pubsub;
@@ -1100,6 +1104,12 @@ declare namespace plugins {
    */
   interface fastify extends HttpServer {}
 
+  /**
+   * This plugin automatically instruments the
+   * [fetch](https://nodejs.org/api/globals.html#fetch) global.
+   */
+  interface fetch extends HttpClient {}
+
   /**
    * This plugin automatically instruments the
    * [fs](https://nodejs.org/api/fs.html) module.
@@ -1596,6 +1606,277 @@ declare namespace plugins {
   interface winston extends Integration {}
 }
 
+export namespace opentelemetry {
+  /**
+   * A registry for creating named {@link Tracer}s.
+   */
+  export interface TracerProvider extends otel.TracerProvider {
+    /**
+     * Construct a new TracerProvider to register with @opentelemetry/api
+     *
+     * @returns TracerProvider A TracerProvider instance
+     */
+    new(): TracerProvider;
+
+    /**
+     * Returns a Tracer, creating one if one with the given name and version is
+     * not already created.
+     *
+     * This function may return different Tracer types (e.g.
+     * {@link NoopTracerProvider} vs. a functional tracer).
+     *
+     * @param name The name of the tracer or instrumentation library.
+     * @param version The version of the tracer or instrumentation library.
+     * @param options The options of the tracer or instrumentation library.
+     * @returns Tracer A Tracer with the given name and version
+     */
+    getTracer(name: string, version?: string): Tracer;
+
+    /**
+     * Register this tracer provider with @opentelemetry/api
+     */
+    register(): void;
+  }
+
+  /**
+   * Tracer provides an interface for creating {@link Span}s.
+   */
+  export interface Tracer extends otel.Tracer {
+    /**
+     * Starts a new {@link Span}. Start the span without setting it on context.
+     *
+     * This method do NOT modify the current Context.
+     *
+     * @param name The name of the span
+     * @param [options] SpanOptions used for span creation
+     * @param [context] Context to use to extract parent
+     * @returns Span The newly created span
+     * @example
+     *     const span = tracer.startSpan('op');
+     *     span.setAttribute('key', 'value');
+     *     span.end();
+     */
+    startSpan(name: string, options?: SpanOptions, context?: Context): Span;
+
+    /**
+     * Starts a new {@link Span} and calls the given function passing it the
+     * created span as first argument.
+     * Additionally the new span gets set in context and this context is activated
+     * for the duration of the function call.
+     *
+     * @param name The name of the span
+     * @param [options] SpanOptions used for span creation
+     * @param [context] Context to use to extract parent
+     * @param fn function called in the context of the span and receives the newly created span as an argument
+     * @returns return value of fn
+     * @example
+     *     const something = tracer.startActiveSpan('op', span => {
+     *       try {
+     *         do some work
+     *         span.setStatus({code: SpanStatusCode.OK});
+     *         return something;
+     *       } catch (err) {
+     *         span.setStatus({
+     *           code: SpanStatusCode.ERROR,
+     *           message: err.message,
+     *         });
+     *         throw err;
+     *       } finally {
+     *         span.end();
+     *       }
+     *     });
+     *
+     * @example
+     *     const span = tracer.startActiveSpan('op', span => {
+     *       try {
+     *         do some work
+     *         return span;
+     *       } catch (err) {
+     *         span.setStatus({
+     *           code: SpanStatusCode.ERROR,
+     *           message: err.message,
+     *         });
+     *         throw err;
+     *       }
+     *     });
+     *     do some more work
+     *     span.end();
+     */
+    startActiveSpan<F extends (span: Span) => unknown>(name: string, fn: F): ReturnType<F>;
+    startActiveSpan<F extends (span: Span) => unknown>(name: string, options: SpanOptions, fn: F): ReturnType<F>;
+    startActiveSpan<F extends (span: Span) => unknown>(name: string, options: SpanOptions, context: otel.Context, fn: F): ReturnType<F>;
+  }
+
+  /**
+   * An interface that represents a span. A span represents a single operation
+   * within a trace. Examples of span might include remote procedure calls or a
+   * in-process function calls to sub-components. A Trace has a single, top-level
+   * "root" Span that in turn may have zero or more child Spans, which in turn
+   * may have children.
+   *
+   * Spans are created by the {@link Tracer.startSpan} method.
+   */
+  export interface Span extends otel.Span {
+    /**
+     * Returns the {@link SpanContext} object associated with this Span.
+     *
+     * Get an immutable, serializable identifier for this span that can be used
+     * to create new child spans. Returned SpanContext is usable even after the
+     * span ends.
+     *
+     * @returns the SpanContext object associated with this Span.
+     */
+    spanContext(): SpanContext;
+
+    /**
+     * Sets an attribute to the span.
+     *
+     * Sets a single Attribute with the key and value passed as arguments.
+     *
+     * @param key the key for this attribute.
+     * @param value the value for this attribute. Setting a value null or
+     *              undefined is invalid and will result in undefined behavior.
+     */
+    setAttribute(key: string, value: SpanAttributeValue): this;
+
+    /**
+     * Sets attributes to the span.
+     *
+     * @param attributes the attributes that will be added.
+     *                   null or undefined attribute values
+     *                   are invalid and will result in undefined behavior.
+     */
+    setAttributes(attributes: SpanAttributes): this;
+
+    /**
+     * Adds an event to the Span.
+     *
+     * @param name the name of the event.
+     * @param [attributesOrStartTime] the attributes that will be added; these are
+     *     associated with this event. Can be also a start time
+     *     if type is {@type TimeInput} and 3rd param is undefined
+     * @param [startTime] start time of the event.
+     */
+    addEvent(name: string, attributesOrStartTime?: SpanAttributes | TimeInput, startTime?: TimeInput): this;
+
+    /**
+     * Sets a status to the span. If used, this will override the default Span
+     * status. Default is {@link SpanStatusCode.UNSET}. SetStatus overrides the value
+     * of previous calls to SetStatus on the Span.
+     *
+     * @param status the SpanStatus to set.
+     */
+    setStatus(status: SpanStatus): this;
+
+    /**
+     * Updates the Span name.
+     *
+     * This will override the name provided via {@link Tracer.startSpan}.
+     *
+     * Upon this update, any sampling behavior based on Span name will depend on
+     * the implementation.
+     *
+     * @param name the Span name.
+     */
+    updateName(name: string): this;
+
+    /**
+     * Marks the end of Span execution.
+     *
+     * Call to End of a Span MUST not have any effects on child spans. Those may
+     * still be running and can be ended later.
+     *
+     * Do not return `this`. The Span generally should not be used after it
+     * is ended so chaining is not desired in this context.
+     *
+     * @param [endTime] the time to set as Span's end time. If not provided,
+     *     use the current time as the span's end time.
+     */
+    end(endTime?: TimeInput): void;
+
+    /**
+     * Returns the flag whether this span will be recorded.
+     *
+     * @returns true if this Span is active and recording information like events
+     *     with the `AddEvent` operation and attributes using `setAttributes`.
+     */
+    isRecording(): boolean;
+
+    /**
+     * Sets exception as a span event
+     * @param exception the exception the only accepted values are string or Error
+     * @param [time] the time to set as Span's event time. If not provided,
+     *     use the current time.
+     */
+    recordException(exception: Exception, time?: TimeInput): void;
+  }
+
+  /**
+   * A SpanContext represents the portion of a {@link Span} which must be
+   * serialized and propagated along side of a {@link Baggage}.
+   */
+  export interface SpanContext extends otel.SpanContext {
+    /**
+     * The ID of the trace that this span belongs to. It is worldwide unique
+     * with practically sufficient probability by being made as 16 randomly
+     * generated bytes, encoded as a 32 lowercase hex characters corresponding to
+     * 128 bits.
+     */
+    traceId: string;
+
+    /**
+     * The ID of the Span. It is globally unique with practically sufficient
+     * probability by being made as 8 randomly generated bytes, encoded as a 16
+     * lowercase hex characters corresponding to 64 bits.
+     */
+    spanId: string;
+
+    /**
+     * Only true if the SpanContext was propagated from a remote parent.
+     */
+    isRemote?: boolean;
+
+    /**
+     * Trace flags to propagate.
+     *
+     * It is represented as 1 byte (bitmap). Bit to represent whether trace is
+     * sampled or not. When set, the least significant bit documents that the
+     * caller may have recorded trace data. A caller who does not record trace
+     * data out-of-band leaves this flag unset.
+     *
+     * see {@link TraceFlags} for valid flag values.
+     */
+    traceFlags: number;
+
+    /**
+     * Tracing-system-specific info to propagate.
+     *
+     * The tracestate field value is a `list` as defined below. The `list` is a
+     * series of `list-members` separated by commas `,`, and a list-member is a
+     * key/value pair separated by an equals sign `=`. Spaces and horizontal tabs
+     * surrounding `list-members` are ignored. There can be a maximum of 32
+     * `list-members` in a `list`.
+     * More Info: https://www.w3.org/TR/trace-context/#tracestate-field
+     *
+     * Examples:
+     *     Single tracing system (generic format):
+     *         tracestate: rojo=00f067aa0ba902b7
+     *     Multiple tracing systems (with different formatting):
+     *         tracestate: rojo=00f067aa0ba902b7,congo=t61rcWkgMzE
+     */
+    traceState?: TraceState;
+  }
+
+  export type Context = otel.Context;
+  export type Exception = otel.Exception;
+  export type SpanAttributes = otel.SpanAttributes;
+  export type SpanAttributeValue = otel.SpanAttributeValue;
+  export type SpanOptions = otel.SpanOptions;
+  export type SpanStatus = otel.SpanStatus;
+  export type TimeInput = otel.TimeInput;
+  export type TraceState = otel.TraceState;
+}
+
 /**
  * Singleton returned by the module. It has to be initialized before it will
  * start tracing. If not initialized, or initialized and disabled, it will use

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "2.35.1",
+  "version": "2.37.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -19,7 +19,7 @@
     "test:appsec:ci": "nyc --no-clean --include \"packages/dd-trace/src/appsec/**/*.js\" --exclude \"packages/dd-trace/test/appsec/**/*.plugin.spec.js\" -- npm run test:appsec",
     "test:appsec:plugins": "mocha --colors --exit -r \"packages/dd-trace/test/setup/mocha.js\" \"packages/dd-trace/test/appsec/**/*.@($(echo $PLUGINS)).plugin.spec.js\"",
     "test:appsec:plugins:ci": "yarn services && nyc --no-clean --include \"packages/dd-trace/test/appsec/**/*.@($(echo $PLUGINS)).plugin.spec.js\" -- npm run test:appsec:plugins",
-    "test:trace:core": "tap packages/dd-trace/test/*.spec.js \"packages/dd-trace/test/{ci-visibility,encode,exporters,opentracing,plugins,telemetry}/**/*.spec.js\"",
+    "test:trace:core": "tap packages/dd-trace/test/*.spec.js \"packages/dd-trace/test/{ci-visibility,config,encode,exporters,opentelemetry,opentracing,plugins,telemetry}/**/*.spec.js\"",
     "test:trace:core:ci": "npm run test:trace:core -- --coverage --nyc-arg=--include=\"packages/dd-trace/src/**/*.js\"",
     "test:instrumentations": "mocha --colors -r 'packages/dd-trace/test/setup/mocha.js' 'packages/datadog-instrumentations/test/**/*.spec.js'",
     "test:instrumentations:ci": "nyc --no-clean --include 'packages/datadog-instrumentations/src/**/*.js' -- npm run test:instrumentations",
@@ -68,11 +68,13 @@
   "dependencies": {
     "@datadog/native-appsec": "^3.2.0",
     "@datadog/native-iast-rewriter": "2.0.1",
-    "@datadog/native-iast-taint-tracking": "^1.4.1",
+    "@datadog/native-iast-taint-tracking": "^1.5.0",
     "@datadog/native-metrics": "^1.6.0",
-    "@datadog/pprof": "^2.2.1",
+    "@datadog/pprof": "2.2.3",
     "@datadog/sketches-js": "^2.1.0",
     "@types/node": "<18.13",
+    "@opentelemetry/api": "^1.0.0",
+    "@opentelemetry/core": "<1.4.0",
     "crypto-randomuuid": "^1.0.0",
     "diagnostics_channel": "^1.1.0",
     "ignore": "^5.2.0",

package/packages/datadog-instrumentations/src/cookie.js

@@ -0,0 +1,21 @@
+'use strict'
+
+const shimmer = require('../../datadog-shimmer')
+const { channel, addHook } = require('./helpers/instrument')
+
+const cookieParseCh = channel('datadog:cookie:parse:finish')
+
+function wrapParse (originalParse) {
+  return function () {
+    const cookies = originalParse.apply(this, arguments)
+    if (cookieParseCh.hasSubscribers && cookies) {
+      cookieParseCh.publish({ cookies })
+    }
+    return cookies
+  }
+}
+
+addHook({ name: 'cookie', versions: ['>=0.4'] }, cookie => {
+  shimmer.wrap(cookie, 'parse', wrapParse)
+  return cookie
+})

package/packages/datadog-instrumentations/src/fetch.js

@@ -0,0 +1,48 @@
+'use strict'
+
+const shimmer = require('../../datadog-shimmer')
+const { channel } = require('./helpers/instrument')
+
+const startChannel = channel('apm:fetch:request:start')
+const finishChannel = channel('apm:fetch:request:finish')
+const errorChannel = channel('apm:fetch:request:error')
+
+function wrapFetch (fetch, Request) {
+  if (typeof fetch !== 'function') return fetch
+
+  return function (input, init) {
+    if (!startChannel.hasSubscribers) return fetch.apply(this, arguments)
+
+    const req = new Request(input, init)
+    const headers = req.headers
+    const message = { req, headers }
+
+    startChannel.publish(message)
+
+    // Request object is read-only so we need new objects to change headers.
+    arguments[0] = message.req
+    arguments[1] = { headers: message.headers }
+
+    return fetch.apply(this, arguments)
+      .then(
+        res => {
+          finishChannel.publish({ req, res })
+
+          return res
+        },
+        err => {
+          if (err.name !== 'AbortError') {
+            errorChannel.publish(err)
+          }
+
+          finishChannel.publish({ req })
+
+          throw err
+        }
+      )
+  }
+}
+
+if (globalThis.fetch) {
+  globalThis.fetch = shimmer.wrap(fetch, wrapFetch(fetch, globalThis.Request))
+}

package/packages/datadog-instrumentations/src/grpc/server.js

@@ -107,7 +107,7 @@ function wrapStream (call, requestResource, onCancel) {
 function wrapCallback (callback, call, requestResource, parentResource, onCancel) {
   return function (err, value, trailer, flags) {
     requestResource.runInAsyncScope(() => {
-      if (err instanceof Error) {
+      if (err) {
         errorChannel.publish(err)
         finishChannel.publish(err)
       } else {

package/packages/datadog-instrumentations/src/helpers/hooks.js

@@ -14,6 +14,7 @@ module.exports = {
   '@koa/router': () => require('../koa'),
   '@node-redis/client': () => require('../redis'),
   '@opensearch-project/opensearch': () => require('../opensearch'),
+  '@opentelemetry/sdk-trace-node': () => require('../otel-sdk-trace'),
   '@redis/client': () => require('../redis'),
   'amqp10': () => require('../amqp10'),
   'amqplib': () => require('../amqplib'),
@@ -25,6 +26,7 @@ module.exports = {
   'child_process': () => require('../child-process'),
   'node:child_process': () => require('../child-process'),
   'connect': () => require('../connect'),
+  'cookie': () => require('../cookie'),
   'couchbase': () => require('../couchbase'),
   'crypto': () => require('../crypto'),
   'cypress': () => require('../cypress'),