dd-trace 3.12.1 → 3.15.0

package/LICENSE-3rdparty.csv

@@ -57,6 +57,7 @@ dev,multer,MIT,Copyright 2014 Hage Yaapa
 dev,msgpack-lite,MIT,Copyright 2015 Yusuke Kawasaki
 dev,nock,MIT,Copyright 2017 Pedro Teixeira and other contributors
 dev,nyc,ISC,Copyright 2015 Contributors
+dev,pprof-format,MIT,Copyright 2022 Stephen Belanger
 dev,proxyquire,MIT,Copyright 2013 Thorsten Lorenz
 dev,rimraf,ISC,Copyright Isaac Z. Schlueter and Contributors
 dev,sinon,BSD-3-Clause,Copyright 2010-2017 Christian Johansen

package/README.md

@@ -24,11 +24,11 @@ Most of the documentation for `dd-trace` is available on these webpages:
 
 ## Version Release Lines and Maintenance
 
-| Release Line                                             | Latest Version                                                                                         | Status          |Initial Release | End of Life |
-| :--:                                                     | :--:                                                                                                   | :---:           | :---:          | :---:       |
-| [`v1`](https://github.com/DataDog/dd-trace-js/tree/v1.x) | ![npm v1](https://img.shields.io/npm/v/dd-trace/legacy-v1?color=white&label=%20&style=flat-square)     | **End of Life** | 2021-07-13     | 2022-02-25  |
-| [`v2`](https://github.com/DataDog/dd-trace-js/tree/v2.x) | ![npm v2](https://img.shields.io/npm/v/dd-trace/latest-node12?color=white&label=%20&style=flat-square) | **Maintenance** | 2022-01-28     | 2023-08-15  |
-| [`v3`](https://github.com/DataDog/dd-trace-js/tree/v3.x) | ![npm v3](https://img.shields.io/npm/v/dd-trace/latest?color=white&label=%20&style=flat-square)        | **Current**     | 2022-08-15     | Unknown     |
+| Release Line                                             | Latest Version                                                                                         | Node.js  | Status          |Initial Release | End of Life |
+| :---:                                                    | :---:                                                                                                  | :---:    | :---:           | :---:          | :---:       |
+| [`v1`](https://github.com/DataDog/dd-trace-js/tree/v1.x) | ![npm v1](https://img.shields.io/npm/v/dd-trace/legacy-v1?color=white&label=%20&style=flat-square)     | `>= v12` | **End of Life** | 2021-07-13     | 2022-02-25  |
+| [`v2`](https://github.com/DataDog/dd-trace-js/tree/v2.x) | ![npm v2](https://img.shields.io/npm/v/dd-trace/latest-node12?color=white&label=%20&style=flat-square) | `>= v12` | **Maintenance** | 2022-01-28     | 2023-08-15  |
+| [`v3`](https://github.com/DataDog/dd-trace-js/tree/v3.x) | ![npm v3](https://img.shields.io/npm/v/dd-trace/latest?color=white&label=%20&style=flat-square)        | `>= v14` | **Current**     | 2022-08-15     | Unknown     |
 
 We currently maintain two release lines, namely `v2` and `v3`.
 Features and bug fixes that are merged are released to the `v3` line and, if appropriate, also the `v2` line.

package/ci/init.js

@@ -8,7 +8,8 @@ const options = {
   tags: {
     [ORIGIN_KEY]: 'ciapp-test'
   },
-  isCiVisibility: true
+  isCiVisibility: true,
+  flushInterval: 5000
 }
 
 let shouldInit = true
@@ -34,6 +35,7 @@ so dd-trace will not be initialized.`)
 
 if (shouldInit) {
   tracer.init(options)
+  tracer.use('fs', false)
 }
 
 module.exports = tracer

package/index.d.ts

@@ -1,4 +1,4 @@
-import { ClientRequest, IncomingMessage, ServerResponse } from "http";
+import { ClientRequest, IncomingMessage, OutgoingMessage, ServerResponse } from "http";
 import { LookupFunction } from 'net';
 import * as opentracing from "opentracing";
 import { SpanOptions } from "opentracing/lib/tracer";
@@ -115,6 +115,8 @@ export declare interface Tracer extends opentracing.Tracer {
    * @returns {Tracer} The Tracer instance for chaining.
    */
   setUser (user: User): Tracer;
+
+  appsec: Appsec;
 }
 
 export declare interface TraceOptions extends Analyzable {
@@ -219,6 +221,21 @@ export declare interface SpanSamplingRule {
   name?: string
 }
 
+/**
+ * Selection and priority order of context propagation injection and extraction mechanisms.
+ */
+export declare interface PropagationStyle {
+  /**
+   * Selection of context propagation injection mechanisms.
+   */
+  inject: string[],
+
+  /**
+   * Selection and priority order of context propagation extraction mechanisms.
+   */
+  extract: string[]
+}
+
 /**
  * List of options available to the tracer.
  */
@@ -537,6 +554,22 @@ export declare interface TracerOptions {
      */
     pollInterval?: number,
   }
+
+  /**
+   * Whether to enable client IP collection from relevant IP headers
+   * @default false
+   */
+  clientIpEnabled?: boolean
+
+  /**
+   * Custom header name to source the http.client_ip tag from.
+   */
+  clientIpHeader?: string,
+
+  /**
+   * The selection and priority order of context propagation injection and extraction mechanisms.
+   */
+  propagationStyle?: string[] | PropagationStyle
 }
 
 /**
@@ -582,6 +615,65 @@ export declare interface User {
   [key: string]: string | undefined
 }
 
+export declare interface Appsec {
+  /**
+   * Links a successful login event to the current trace. Will link the passed user to the current trace with Appsec.setUser() internally.
+   * @param {User} user Properties of the authenticated user. Accepts custom fields.
+   * @param {[key: string]: string} metadata Custom fields to link to the login success event.
+   *
+   * @beta This method is in beta and could change in future versions.
+   */
+  trackUserLoginSuccessEvent(user: User, metadata?: { [key: string]: string }): void
+
+  /**
+   * Links a failed login event to the current trace.
+   * @param {string} userId The user id of the attemped login.
+   * @param {boolean} exists If the user id exists.
+   * @param {[key: string]: string} metadata Custom fields to link to the login failure event.
+   *
+   * @beta This method is in beta and could change in future versions.
+   */
+  trackUserLoginFailureEvent(userId: string, exists: boolean, metadata?: { [key: string]: string }): void
+
+  /**
+   * Links a custom event to the current trace.
+   * @param {string} eventName The name of the event.
+   * @param {[key: string]: string} metadata Custom fields to link to the event.
+   *
+   * @beta This method is in beta and could change in future versions.
+   */
+  trackCustomEvent(eventName: string, metadata?: { [key: string]: string }): void
+
+  /**
+   * Checks if the passed user should be blocked according to AppSec rules.
+   * If no user is linked to the current trace, will link the passed user to it.
+   * @param {User} user Properties of the authenticated user. Accepts custom fields.
+   * @return {boolean} Indicates whether the user should be blocked.
+   *
+   * @beta This method is in beta and could change in the future
+   */
+  isUserBlocked(user: User): boolean
+
+  /**
+   * Sends a "blocked" template response based on the request accept header and ends the response.
+   * **You should stop processing the request after calling this function!**
+   * @param {IncomingMessage} req Can be passed to force which request to act on. Optional.
+   * @param {OutgoingMessage} res Can be passed to force which response to act on. Optional.
+   * @return {boolean} Indicates if the action was successful.
+   *
+   * @beta This method is in beta and could change in the future
+   */
+  blockRequest(req?: IncomingMessage, res?: OutgoingMessage): boolean
+
+  /**
+   * Links an authenticated user to the current trace.
+   * @param {User} user Properties of the authenticated user. Accepts custom fields.
+   *
+   * @beta This method is in beta and could change in the future
+   */
+  setUser(user: User): void
+}
+
 /** @hidden */
 declare type anyObject = {
   [key: string]: any;
@@ -669,6 +761,7 @@ interface Plugins {
   "opensearch": plugins.opensearch;
   "oracledb": plugins.oracledb;
   "paperplane": plugins.paperplane;
+  "playwright": plugins.playwright;
   "pg": plugins.pg;
   "pino": plugins.pino;
   "redis": plugins.redis;
@@ -1358,6 +1451,12 @@ declare namespace plugins {
    */
   interface paperplane extends HttpServer {}
 
+  /**
+  * This plugin automatically instruments the
+  * [playwright](https://github.com/microsoft/playwright) module.
+  */
+  interface playwright extends Integration {}
+
   /**
    * This plugin automatically instruments the
    * [pg](https://node-postgres.com/) module.

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "3.12.1",
+  "version": "3.15.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -61,10 +61,10 @@
   },
   "dependencies": {
     "@datadog/native-appsec": "2.0.0",
-    "@datadog/native-iast-rewriter": "1.1.2",
-    "@datadog/native-iast-taint-tracking": "1.1.0",
+    "@datadog/native-iast-rewriter": "2.0.1",
+    "@datadog/native-iast-taint-tracking": "1.1.1",
     "@datadog/native-metrics": "^1.5.0",
-    "@datadog/pprof": "^1.1.1",
+    "@datadog/pprof": "^2.0.0",
     "@datadog/sketches-js": "^2.1.0",
     "crypto-randomuuid": "^1.0.0",
     "diagnostics_channel": "^1.1.0",
@@ -120,6 +120,7 @@
     "multer": "^1.4.5-lts.1",
     "nock": "^11.3.3",
     "nyc": "^15.1.0",
+    "pprof-format": "^2.0.7",
     "proxyquire": "^1.8.0",
     "rimraf": "^3.0.0",
     "sinon": "^11.1.2",

package/packages/datadog-instrumentations/src/aws-sdk.js

@@ -39,6 +39,77 @@ function wrapRequest (send) {
   }
 }
 
+function wrapSmithySend (send) {
+  return function (command, ...args) {
+    const cb = args[args.length - 1]
+    const innerAr = new AsyncResource('apm:aws:request:inner')
+    const outerAr = new AsyncResource('apm:aws:request:outer')
+    const serviceIdentifier = this.config.serviceId.toLowerCase()
+    const channelSuffix = getChannelSuffix(serviceIdentifier)
+    const commandName = command.constructor.name
+    const clientName = this.constructor.name.replace(/Client$/, '')
+    const operation = `${commandName[0].toLowerCase()}${commandName.slice(1).replace(/Command$/, '')}`
+    const request = {
+      operation,
+      params: command.input
+    }
+
+    const startCh = channel(`apm:aws:request:start:${channelSuffix}`)
+    const regionCh = channel(`apm:aws:request:region:${channelSuffix}`)
+    const completeChannel = channel(`apm:aws:request:complete:${channelSuffix}`)
+    const responseStartChannel = channel(`apm:aws:response:start:${channelSuffix}`)
+    const responseFinishChannel = channel(`apm:aws:response:finish:${channelSuffix}`)
+
+    return innerAr.runInAsyncScope(() => {
+      startCh.publish({
+        serviceIdentifier,
+        operation,
+        awsService: clientName,
+        request
+      })
+
+      // When the region is not set this never resolves so we can't await.
+      this.config.region().then(region => {
+        regionCh.publish(region)
+      })
+
+      if (typeof cb === 'function') {
+        args[args.length - 1] = function (err, result) {
+          const message = getMessage(request, err, result)
+
+          completeChannel.publish(message)
+
+          outerAr.runInAsyncScope(() => {
+            responseStartChannel.publish(message)
+
+            cb.apply(this, arguments)
+
+            if (message.needsFinish) {
+              responseFinishChannel.publish(message.response.error)
+            }
+          })
+        }
+      } else { // always a promise
+        return send.call(this, command, ...args)
+          .then(
+            result => {
+              const message = getMessage(request, null, result)
+              completeChannel.publish(message)
+              return result
+            },
+            error => {
+              const message = getMessage(request, error)
+              completeChannel.publish(message)
+              throw error
+            }
+          )
+      }
+
+      return send.call(this, command, ...args)
+    })
+  }
+}
+
 function wrapCb (cb, serviceName, request, ar) {
   return function wrappedCb (err, response) {
     const obj = { request, response }
@@ -71,6 +142,16 @@ function wrapCb (cb, serviceName, request, ar) {
   }
 }
 
+function getMessage (request, error, result) {
+  const response = { request, error, ...result }
+
+  if (result && result.$metadata) {
+    response.requestId = result.$metadata.requestId
+  }
+
+  return { request, response }
+}
+
 function getChannelSuffix (name) {
   return [
     'cloudwatchlogs',
@@ -85,6 +166,11 @@ function getChannelSuffix (name) {
   ].includes(name) ? name : 'default'
 }
 
+addHook({ name: '@aws-sdk/smithy-client', versions: ['>=3'] }, smithy => {
+  shimmer.wrap(smithy.Client.prototype, 'send', wrapSmithySend)
+  return smithy
+})
+
 addHook({ name: 'aws-sdk', versions: ['>=2.3.0'] }, AWS => {
   shimmer.wrap(AWS.Request.prototype, 'promise', wrapRequest)
   shimmer.wrap(AWS.config, 'setPromisesDependency', setPromisesDependency => {

package/packages/datadog-instrumentations/src/cucumber.js

@@ -3,15 +3,35 @@
 const { addHook, channel, AsyncResource } = require('./helpers/instrument')
 const shimmer = require('../../datadog-shimmer')
 
-const runStartCh = channel('ci:cucumber:run:start')
-const runFinishCh = channel('ci:cucumber:run:finish')
-const runStepStartCh = channel('ci:cucumber:run-step:start')
+const testStartCh = channel('ci:cucumber:test:start')
+const testFinishCh = channel('ci:cucumber:test:finish') // used for test steps too
+
+const testStepStartCh = channel('ci:cucumber:test-step:start')
+
 const errorCh = channel('ci:cucumber:error')
+
+const testSuiteStartCh = channel('ci:cucumber:test-suite:start')
+const testSuiteFinishCh = channel('ci:cucumber:test-suite:finish')
+
+const sessionStartCh = channel('ci:cucumber:session:start')
 const sessionFinishCh = channel('ci:cucumber:session:finish')
 
 // TODO: remove in a later major version
 const patched = new WeakSet()
 
+let pickleByFile = {}
+const pickleResultByFile = {}
+
+function getSuiteStatusFromTestStatuses (testStatuses) {
+  if (testStatuses.some(status => status === 'fail')) {
+    return 'fail'
+  }
+  if (testStatuses.every(status => status === 'skip')) {
+    return 'skip'
+  }
+  return 'pass'
+}
+
 function getStatusFromResult (result) {
   if (result.status === 1) {
     return { status: 'pass' }
@@ -44,13 +64,18 @@ function wrapRun (pl, isLatestVersion) {
   patched.add(pl)
 
   shimmer.wrap(pl.prototype, 'run', run => function () {
-    if (!runStartCh.hasSubscribers) {
+    if (!testStartCh.hasSubscribers) {
       return run.apply(this, arguments)
     }
 
     const asyncResource = new AsyncResource('bound-anonymous-fn')
     return asyncResource.runInAsyncScope(() => {
-      runStartCh.publish({ testName: this.pickle.name, fullTestSuite: this.pickle.uri })
+      const testSuiteFullPath = this.pickle.uri
+
+      if (!pickleResultByFile[testSuiteFullPath]) { // first test in suite
+        testSuiteStartCh.publish(testSuiteFullPath)
+      }
+      testStartCh.publish({ testName: this.pickle.name, fullTestSuite: testSuiteFullPath })
       try {
         const promise = run.apply(this, arguments)
         promise.finally(() => {
@@ -58,7 +83,17 @@ function wrapRun (pl, isLatestVersion) {
           const { status, skipReason, errorMessage } = isLatestVersion
             ? getStatusFromResultLatest(result) : getStatusFromResult(result)
 
-          runFinishCh.publish({ status, skipReason, errorMessage })
+          if (!pickleResultByFile[testSuiteFullPath]) {
+            pickleResultByFile[testSuiteFullPath] = [status]
+          } else {
+            pickleResultByFile[testSuiteFullPath].push(status)
+          }
+          // last test in suite
+          if (pickleResultByFile[testSuiteFullPath].length === pickleByFile[testSuiteFullPath].length) {
+            const testSuiteStatus = getSuiteStatusFromTestStatuses(pickleResultByFile[testSuiteFullPath])
+            testSuiteFinishCh.publish(testSuiteStatus)
+          }
+          testFinishCh.publish({ status, skipReason, errorMessage })
         })
         return promise
       } catch (err) {
@@ -68,7 +103,7 @@ function wrapRun (pl, isLatestVersion) {
     })
   })
   shimmer.wrap(pl.prototype, 'runStep', runStep => function () {
-    if (!runStepStartCh.hasSubscribers) {
+    if (!testStepStartCh.hasSubscribers) {
       return runStep.apply(this, arguments)
     }
     const testStep = arguments[0]
@@ -82,7 +117,7 @@ function wrapRun (pl, isLatestVersion) {
 
     const asyncResource = new AsyncResource('bound-anonymous-fn')
     return asyncResource.runInAsyncScope(() => {
-      runStepStartCh.publish({ resource })
+      testStepStartCh.publish({ resource })
       try {
         const promise = runStep.apply(this, arguments)
 
@@ -90,7 +125,7 @@ function wrapRun (pl, isLatestVersion) {
           const { status, skipReason, errorMessage } = isLatestVersion
             ? getStatusFromResultLatest(result) : getStatusFromResult(result)
 
-          runFinishCh.publish({ isStep: true, status, skipReason, errorMessage })
+          testFinishCh.publish({ isStep: true, status, skipReason, errorMessage })
         })
         return promise
       } catch (err) {
@@ -129,16 +164,40 @@ addHook({
   file: 'lib/runtime/test_case_runner.js'
 }, testCaseHook)
 
+function getPickleByFile (runtime) {
+  return runtime.pickleIds.reduce((acc, pickleId) => {
+    const test = runtime.eventDataCollector.getPickle(pickleId)
+    if (acc[test.uri]) {
+      acc[test.uri].push(test)
+    } else {
+      acc[test.uri] = [test]
+    }
+    return acc
+  }, {})
+}
+
 addHook({
   name: '@cucumber/cucumber',
   versions: ['>=7.0.0'],
   file: 'lib/runtime/index.js'
-}, (Runtime) => {
-  shimmer.wrap(Runtime.default.prototype, 'start', start => async function () {
-    const result = await start.apply(this, arguments)
-    sessionFinishCh.publish(undefined)
-    return result
+}, (runtimePackage, cucumberVersion) => {
+  shimmer.wrap(runtimePackage.default.prototype, 'start', start => async function () {
+    pickleByFile = getPickleByFile(this)
+
+    const processArgv = process.argv.slice(2).join(' ')
+    const command = process.env.npm_lifecycle_script || `cucumber-js ${processArgv}`
+
+    const asyncResource = new AsyncResource('bound-anonymous-fn')
+    asyncResource.runInAsyncScope(() => {
+      sessionStartCh.publish({ command, frameworkVersion: cucumberVersion })
+    })
+    const success = await start.apply(this, arguments)
+
+    asyncResource.runInAsyncScope(() => {
+      sessionFinishCh.publish(success ? 'pass' : 'fail')
+    })
+    return success
   })
 
-  return Runtime
+  return runtimePackage
 })

package/packages/datadog-instrumentations/src/cypress.js

@@ -5,4 +5,4 @@ const { addHook } = require('./helpers/instrument')
 addHook({
   name: 'cypress',
   versions: ['>=6.7.0']
-})
+}, lib => lib)