dd-trace 3.1.0 → 3.3.0

package/LICENSE-3rdparty.csv

@@ -7,6 +7,7 @@ require,crypto-randomuuid,MIT,Copyright 2021 Node.js Foundation and contributors
 require,diagnostics_channel,MIT,Copyright 2021 Simon D.
 require,ignore,MIT,Copyright 2013 Kael Zhang and contributors
 require,import-in-the-middle,Apache license 2.0,Copyright 2021 Datadog Inc.
+require,ipaddr.js,MIT,Copyright 2011-2017 whitequark
 require,istanbul-lib-coverage,BSD-3-Clause,Copyright 2012-2015 Yahoo! Inc.
 require,koalas,MIT,Copyright 2013-2017 Brian Woodward
 require,limiter,MIT,Copyright 2011 John Hurliman
@@ -14,6 +15,7 @@ require,lodash.kebabcase,MIT,Copyright JS Foundation and other contributors
 require,lodash.pick,MIT,Copyright JS Foundation and other contributors
 require,lodash.sortby,MIT,Copyright JS Foundation and other contributors
 require,lodash.uniq,MIT,Copyright JS Foundation and other contributors
+require,lru-cache,ISC,Copyright (c) 2010-2022 Isaac Z. Schlueter and Contributors
 require,methods,MIT,Copyright 2013-2014 TJ Holowaychuk
 require,module-details-from-path,MIT,Copyright 2016 Thomas Watson Steen
 require,opentracing,MIT,Copyright 2016 Resonance Labs Inc

package/README.md

@@ -21,6 +21,10 @@ For descriptions of terminology used in APM, take a look at the [official docume
 
 Before contributing to this open source project, read our [CONTRIBUTING.md](https://github.com/DataDog/dd-trace-js/blob/master/CONTRIBUTING.md).
 
+## Security Vulnerabilities
+
+If you have found a security issue, please contact the security team directly at [security@datadoghq.com](mailto:security@datadoghq.com).
+
 ### Requirements
 
 Since this project supports multiple Node versions, using a version

package/ext/tags.d.ts

@@ -15,7 +15,8 @@ declare const tags: {
   HTTP_ROUTE: 'http.route'
   HTTP_REQUEST_HEADERS: 'http.request.headers'
   HTTP_RESPONSE_HEADERS: 'http.response.headers'
-  HTTP_USERAGENT: 'http.useragent'
+  HTTP_USERAGENT: 'http.useragent',
+  HTTP_CLIENT_IP: 'http.client_ip'
 }
 
 export = tags

package/ext/tags.js

@@ -20,7 +20,8 @@ const tags = {
   HTTP_ROUTE: 'http.route',
   HTTP_REQUEST_HEADERS: 'http.request.headers',
   HTTP_RESPONSE_HEADERS: 'http.response.headers',
-  HTTP_USERAGENT: 'http.useragent'
+  HTTP_USERAGENT: 'http.useragent',
+  HTTP_CLIENT_IP: 'http.client_ip'
 }
 
 // Deprecated

package/index.d.ts

@@ -267,6 +267,22 @@ export declare interface TracerOptions {
    */
   sampleRate?: number;
 
+  /**
+   * Global rate limit that is applied on the global sample rate and all rules,
+   * and controls the ingestion rate limit between the agent and the backend.
+   * Defaults to deferring the decision to the agent.
+   */
+  rateLimit?: Number,
+
+  /**
+   * Sampling rules to apply to priority samplin. Each rule is a JSON,
+   * consisting of `service` and `name`, which are regexes to match against
+   * a trace's `service` and `name`, and a corresponding `sampleRate`. If not
+   * specified, will defer to global sampling rate for all spans.
+   * @default []
+   */
+  samplingRules?: SamplingRule[]
+
   /**
    * Interval in milliseconds at which the tracer will submit traces to the agent.
    * @default 2000
@@ -298,7 +314,10 @@ export declare interface TracerOptions {
   protocolVersion?: string
 
   /**
-   * Configuration of the ingestion between the agent and the backend.
+   * Deprecated in favor of the global versions of the variables provided under this option
+   *
+   * @deprecated
+   * @hidden
    */
   ingestion?: {
     /**
@@ -307,7 +326,7 @@ export declare interface TracerOptions {
     sampleRate?: number
 
     /**
-     * Controls the ingestion rate limit between the agent and the backend.
+     * Controls the ingestion rate limit between the agent and the backend. Defaults to deferring the decision to the agent.
      */
     rateLimit?: number
   };
@@ -333,32 +352,36 @@ export declare interface TracerOptions {
     exporter?: 'log' | 'agent'
 
     /**
-     * Configuration of the priority sampler. Supports a global config and rules by span name or service name. The first matching rule is applied, and if no rule matches it falls back to the global config or on the rates provided by the agent if there is no global config.
+     * Whether to enable the experimental `getRumData` method.
+     * @default false
      */
-    sampler?: {
+    enableGetRumData?: boolean
+
+    /**
+     * Configuration of the IAST. Can be a boolean as an alias to `iast.enabled`.
+     */
+    iast?: boolean  | {
       /**
-       * Sample rate to apply globally when no other rule is matched. Omit to fallback on the dynamic rates returned by the agent instead.
+       * Whether to enable IAST.
+       * @default false
        */
-      sampleRate?: Number,
-
+      enabled?: boolean,
       /**
-       * Global rate limit that is applied on the global sample rate and all rules.
-       * @default 100
+       * Controls the percentage of requests that iast will analyze
+       * @default 30
        */
-      rateLimit?: Number,
-
+      requestSampling?: number,
       /**
-       * Sampling rules to apply to priority sampling.
-       * @default []
+       * Controls how many request can be analyzing code vulnerabilities at the same time
+       * @default 2
        */
-      rules?: SamplingRule[]
+      maxConcurrentRequests?: number,
+      /**
+       * Controls how many code vulnerabilities can be detected in the same request
+       * @default 2
+       */
+      maxContextOperations?: number
     }
-
-    /**
-     * Whether to enable the experimental `getRumData` method.
-     * @default false
-     */
-    enableGetRumData?: boolean
   };
 
   /**

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "3.1.0",
+  "version": "3.3.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -59,13 +59,14 @@
   },
   "dependencies": {
     "@datadog/native-appsec": "^1.2.1",
-    "@datadog/native-metrics": "^1.4.2",
+    "@datadog/native-metrics": "^1.4.3",
     "@datadog/pprof": "^1.0.2",
-    "@datadog/sketches-js": "^2.0.0",
+    "@datadog/sketches-js": "^2.1.0",
     "crypto-randomuuid": "^1.0.0",
     "diagnostics_channel": "^1.1.0",
     "ignore": "^5.2.0",
-    "import-in-the-middle": "^1.3.0",
+    "import-in-the-middle": "^1.3.3",
+    "ipaddr.js": "^2.0.1",
     "istanbul-lib-coverage": "3.2.0",
     "koalas": "^1.0.2",
     "limiter": "^1.1.4",
@@ -73,6 +74,7 @@
     "lodash.pick": "^4.4.0",
     "lodash.sortby": "^4.7.0",
     "lodash.uniq": "^4.5.0",
+    "lru-cache": "^7.14.0",
     "methods": "^1.1.2",
     "module-details-from-path": "^1.0.3",
     "opentracing": ">=0.12.1",

package/packages/datadog-instrumentations/src/crypto.js

@@ -0,0 +1,32 @@
+'use strict'
+
+const {
+  channel,
+  addHook
+} = require('./helpers/instrument')
+const shimmer = require('../../datadog-shimmer')
+
+const cryptoHashCh = channel('datadog:crypto:hashing:start')
+const cryptoCipherCh = channel('datadog:crypto:cipher:start')
+
+const hashMethods = ['createHash', 'createHmac', 'createSign', 'createVerify', 'sign', 'verify']
+const cipherMethods = ['createCipheriv', 'createDecipheriv']
+
+addHook({ name: 'crypto' }, crypto => {
+  shimmer.massWrap(crypto, hashMethods, wrapCryptoMethod(cryptoHashCh))
+  shimmer.massWrap(crypto, cipherMethods, wrapCryptoMethod(cryptoCipherCh))
+  return crypto
+})
+
+function wrapCryptoMethod (channel) {
+  function wrapMethod (cryptoMethod) {
+    return function () {
+      if (channel.hasSubscribers && arguments.length > 0) {
+        const algorithm = arguments[0]
+        channel.publish({ algorithm })
+      }
+      return cryptoMethod.apply(this, arguments)
+    }
+  }
+  return wrapMethod
+}

package/packages/datadog-instrumentations/src/grpc/server.js

@@ -37,15 +37,17 @@ function wrapHandler (func, name) {
     return requestResource.runInAsyncScope(() => {
       startChannel.publish({ name, metadata, type })
 
-      // Finish the span if the call was cancelled.
-      call.once('cancelled', requestResource.bind(() => {
+      const onCancel = requestResource.bind(() => {
         finishChannel.publish({ code: CANCELLED })
-      }))
+      })
+
+      // Finish the span if the call was cancelled.
+      call.once('cancelled', onCancel)
 
       if (isStream) {
-        wrapStream(call, requestResource, parentResource)
+        wrapStream(call, requestResource, onCancel)
       } else {
-        arguments[1] = wrapCallback(callback, requestResource, parentResource)
+        arguments[1] = wrapCallback(callback, call, requestResource, parentResource, onCancel)
       }
 
       shimmer.wrap(call, 'emit', emit => requestResource.bind(emit))
@@ -65,7 +67,7 @@ function wrapRegister (register) {
   }
 }
 
-function wrapStream (call, requestResource) {
+function wrapStream (call, requestResource, onCancel) {
   if (call.call && call.call.sendStatus) {
     call.call.sendStatus = wrapSendStatus(call.call.sendStatus, requestResource)
   }
@@ -77,6 +79,8 @@ function wrapStream (call, requestResource) {
           errorChannel.publish(args[0])
           finishChannel.publish({ code: args[0].code })
 
+          call.removeListener('cancelled', onCancel)
+
           break
 
           // Finish the span of the response only if it was successful.
@@ -90,6 +94,8 @@ function wrapStream (call, requestResource) {
             finishChannel.publish()
           }
 
+          call.removeListener('cancelled', onCancel)
+
           break
       }
 
@@ -98,7 +104,7 @@ function wrapStream (call, requestResource) {
   })
 }
 
-function wrapCallback (callback, requestResource, parentResource) {
+function wrapCallback (callback, call, requestResource, parentResource, onCancel) {
   return function (err, value, trailer, flags) {
     requestResource.runInAsyncScope(() => {
       if (err instanceof Error) {
@@ -107,6 +113,8 @@ function wrapCallback (callback, requestResource, parentResource) {
       } else {
         finishChannel.publish({ code: OK, trailer })
       }
+
+      call.removeListener('cancelled', onCancel)
     })
 
     if (callback) {

package/packages/datadog-instrumentations/src/helpers/hooks.js

@@ -7,6 +7,7 @@ module.exports = {
   '@google-cloud/pubsub': () => require('../google-cloud-pubsub'),
   '@grpc/grpc-js': () => require('../grpc'),
   '@hapi/hapi': () => require('../hapi'),
+  '@jest/core': () => require('../jest'),
   '@koa/router': () => require('../koa'),
   '@node-redis/client': () => require('../redis'),
   'amqp10': () => require('../amqp10'),
@@ -17,6 +18,7 @@ module.exports = {
   'cassandra-driver': () => require('../cassandra-driver'),
   'connect': () => require('../connect'),
   'couchbase': () => require('../couchbase'),
+  'crypto': () => require('../crypto'),
   'cypress': () => require('../cypress'),
   'dns': () => require('../dns'),
   'elasticsearch': () => require('../elasticsearch'),
@@ -30,6 +32,8 @@ module.exports = {
   'http2': () => require('../http2'),
   'https': () => require('../http'),
   'ioredis': () => require('../ioredis'),
+  'jest-circus': () => require('../jest'),
+  'jest-config': () => require('../jest'),
   'jest-environment-node': () => require('../jest'),
   'jest-environment-jsdom': () => require('../jest'),
   'jest-jasmine2': () => require('../jest'),

package/packages/datadog-instrumentations/src/http/server.js

@@ -29,7 +29,7 @@ function wrapResponseEmit (emit) {
       return emit.apply(this, arguments)
     }
 
-    if (eventName === 'finish') {
+    if (eventName === 'close') {
       finishServerCh.publish({ req: this.req })
     }
 

package/packages/datadog-instrumentations/src/jest.js

@@ -3,13 +3,20 @@ const istanbul = require('istanbul-lib-coverage')
 const { addHook, channel, AsyncResource } = require('./helpers/instrument')
 const shimmer = require('../../datadog-shimmer')
 
+const testSessionStartCh = channel('ci:jest:session:start')
+const testSessionFinishCh = channel('ci:jest:session:finish')
+
+const testSessionConfigurationCh = channel('ci:jest:session:configuration')
+
+const testSuiteStartCh = channel('ci:jest:test-suite:start')
+const testSuiteFinishCh = channel('ci:jest:test-suite:finish')
+const testSuiteCodeCoverageCh = channel('ci:jest:test-suite:code-coverage')
+
 const testStartCh = channel('ci:jest:test:start')
 const testSkippedCh = channel('ci:jest:test:skip')
 const testRunFinishCh = channel('ci:jest:test:finish')
 const testErrCh = channel('ci:jest:test:err')
 
-const testCodeCoverageCh = channel('ci:jest:test:code-coverage')
-
 const {
   getTestSuitePath,
   getTestParametersString
@@ -17,7 +24,8 @@ const {
 
 const { getFormattedJestTestParameters, getJestTestName } = require('../../datadog-plugin-jest/src/util')
 
-// This function also resets the coverage counters
+const sessionAsyncResource = new AsyncResource('bound-anonymous-fn')
+
 function extractCoverageInformation (coverage, rootDir) {
   const coverageMap = istanbul.createCoverageMap(coverage)
 
@@ -28,8 +36,6 @@ function extractCoverageInformation (coverage, rootDir) {
       const lineCoverage = fileCoverage.getLineCoverage()
       const isAnyLineExecuted = Object.entries(lineCoverage).some(([, numExecutions]) => !!numExecutions)
 
-      fileCoverage.resetHits()
-
       return isAnyLineExecuted
     })
     .map(filename => filename.replace(`${rootDir}/`, ''))
@@ -63,6 +69,16 @@ function formatJestError (errors) {
   return error
 }
 
+function getTestEnvironmentOptions (config) {
+  if (config.projectConfig && config.projectConfig.testEnvironmentOptions) { // newer versions
+    return config.projectConfig.testEnvironmentOptions
+  }
+  if (config.testEnvironmentOptions) {
+    return config.testEnvironmentOptions
+  }
+  return {}
+}
+
 function getWrappedEnvironment (BaseEnvironment) {
   return class DatadogEnvironment extends BaseEnvironment {
     constructor (config, context) {
@@ -72,6 +88,8 @@ function getWrappedEnvironment (BaseEnvironment) {
       this.testSuite = getTestSuitePath(context.testPath, rootDir)
       this.nameToParams = {}
       this.global._ddtrace = global._ddtrace
+
+      this.testEnvironmentOptions = getTestEnvironmentOptions(config)
     }
 
     async handleTestEvent (event, state) {
@@ -114,10 +132,6 @@ function getWrappedEnvironment (BaseEnvironment) {
       if (event.name === 'test_done') {
         const asyncResource = asyncResources.get(event.test)
         asyncResource.runInAsyncScope(() => {
-          if (this.global.__coverage__) {
-            const coverageFiles = extractCoverageInformation(this.global.__coverage__, this.rootDir)
-            testCodeCoverageCh.publish(coverageFiles)
-          }
           let status = 'pass'
           if (event.test.errors && event.test.errors.length) {
             status = 'fail'
@@ -163,11 +177,113 @@ addHook({
   versions: ['>=24.8.0']
 }, getTestEnvironment)
 
+function cliWrapper (cli) {
+  const wrapped = shimmer.wrap(cli, 'runCLI', runCLI => async function () {
+    const processArgv = process.argv.slice(2).join(' ')
+    sessionAsyncResource.runInAsyncScope(() => {
+      testSessionStartCh.publish(`jest ${processArgv}`)
+    })
+    return runCLI.apply(this, arguments).then(result => {
+      const { results: { success } } = result
+      sessionAsyncResource.runInAsyncScope(() => {
+        testSessionFinishCh.publish(success ? 'pass' : 'fail')
+      })
+      return result
+    })
+  })
+
+  cli.runCLI = wrapped.runCLI
+
+  return cli
+}
+
 addHook({
-  name: 'jest-jasmine2',
-  versions: ['>=24.8.0'],
-  file: 'build/jasmineAsyncInstall.js'
-}, (jasmineAsyncInstallExport) => {
+  name: '@jest/core',
+  file: 'build/cli/index.js',
+  versions: ['>=24.8.0']
+}, cliWrapper)
+
+function jestAdapterWrapper (jestAdapter) {
+  const adapter = jestAdapter.default ? jestAdapter.default : jestAdapter
+  const newAdapter = shimmer.wrap(adapter, function () {
+    const environment = arguments[2]
+    const asyncResource = new AsyncResource('bound-anonymous-fn')
+    return asyncResource.runInAsyncScope(() => {
+      testSuiteStartCh.publish({
+        testSuite: environment.testSuite,
+        testEnvironmentOptions: environment.testEnvironmentOptions
+      })
+      return adapter.apply(this, arguments).then(suiteResults => {
+        const { numFailingTests, skipped, failureMessage: errorMessage } = suiteResults
+        let status = 'pass'
+        if (skipped) {
+          status = 'skipped'
+        } else if (numFailingTests !== 0) {
+          status = 'fail'
+        }
+        testSuiteFinishCh.publish({ status, errorMessage })
+        if (environment.global.__coverage__) {
+          const coverageFiles = extractCoverageInformation(environment.global.__coverage__, environment.rootDir)
+          if (coverageFiles.length) {
+            testSuiteCodeCoverageCh.publish([...coverageFiles, environment.testSuite])
+          }
+        }
+        return suiteResults
+      })
+    })
+  })
+  if (jestAdapter.default) {
+    jestAdapter.default = newAdapter
+  } else {
+    jestAdapter = newAdapter
+  }
+
+  return jestAdapter
+}
+
+addHook({
+  name: 'jest-circus',
+  file: 'build/legacy-code-todo-rewrite/jestAdapter.js',
+  versions: ['>=24.8.0']
+}, jestAdapterWrapper)
+
+function configureTestEnvironment (readConfigsResult) {
+  const { configs } = readConfigsResult
+  sessionAsyncResource.runInAsyncScope(() => {
+    testSessionConfigurationCh.publish(configs.map(config => config.testEnvironmentOptions))
+  })
+}
+
+function jestConfigAsyncWrapper (jestConfig) {
+  shimmer.wrap(jestConfig, 'readConfigs', readConfigs => async function () {
+    const readConfigsResult = await readConfigs.apply(this, arguments)
+    configureTestEnvironment(readConfigsResult)
+    return readConfigsResult
+  })
+  return jestConfig
+}
+
+function jestConfigSyncWrapper (jestConfig) {
+  shimmer.wrap(jestConfig, 'readConfigs', readConfigs => function () {
+    const readConfigsResult = readConfigs.apply(this, arguments)
+    configureTestEnvironment(readConfigsResult)
+    return readConfigsResult
+  })
+  return jestConfig
+}
+
+// from 25.1.0 on, readConfigs becomes async
+addHook({
+  name: 'jest-config',
+  versions: ['>=25.1.0']
+}, jestConfigAsyncWrapper)
+
+addHook({
+  name: 'jest-config',
+  versions: ['24.8.0 - 24.9.0']
+}, jestConfigSyncWrapper)
+
+function jasmineAsyncInstallWraper (jasmineAsyncInstallExport) {
   return function (globalConfig, globalInput) {
     globalInput._ddtrace = global._ddtrace
     shimmer.wrap(globalInput.jasmine.Spec.prototype, 'execute', execute => function (onComplete) {
@@ -194,4 +310,10 @@ addHook({
     })
     return jasmineAsyncInstallExport.default(globalConfig, globalInput)
   }
-})
+}
+
+addHook({
+  name: 'jest-jasmine2',
+  versions: ['>=24.8.0'],
+  file: 'build/jasmineAsyncInstall.js'
+}, jasmineAsyncInstallWraper)