dd-trace 4.15.0 → 4.17.0

package/packages/dd-trace/src/appsec/remote_config/capabilities.js

@@ -8,5 +8,6 @@ module.exports = {
   ASM_REQUEST_BLOCKING: 1n << 5n,
   ASM_USER_BLOCKING: 1n << 7n,
   ASM_CUSTOM_RULES: 1n << 8n,
-  ASM_CUSTOM_BLOCKING_RESPONSE: 1n << 9n
+  ASM_CUSTOM_BLOCKING_RESPONSE: 1n << 9n,
+  ASM_TRUSTED_IPS: 1n << 10n
 }

package/packages/dd-trace/src/appsec/remote_config/index.js

@@ -46,6 +46,7 @@ function enableWafUpdate (appsecConfig) {
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_REQUEST_BLOCKING, true)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_CUSTOM_RULES, true)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_CUSTOM_BLOCKING_RESPONSE, true)
+    rc.updateCapabilities(RemoteConfigCapabilities.ASM_TRUSTED_IPS, true)
 
     rc.on('ASM_DATA', noop)
     rc.on('ASM_DD', noop)
@@ -66,6 +67,7 @@ function disableWafUpdate () {
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_REQUEST_BLOCKING, false)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_CUSTOM_RULES, false)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_CUSTOM_BLOCKING_RESPONSE, false)
+    rc.updateCapabilities(RemoteConfigCapabilities.ASM_TRUSTED_IPS, false)
 
     rc.off('ASM_DATA', noop)
     rc.off('ASM_DD', noop)

package/packages/dd-trace/src/appsec/remote_config/manager.js

@@ -3,11 +3,12 @@
 const { URL, format } = require('url')
 const uuid = require('crypto-randomuuid')
 const { EventEmitter } = require('events')
-const Scheduler = require('./scheduler')
 const tracerVersion = require('../../../../../package.json').version
 const request = require('../../exporters/common/request')
 const log = require('../../log')
+const { getExtraServices } = require('../../service-naming/extra-services')
 const { UNACKNOWLEDGED, ACKNOWLEDGED, ERROR } = require('./apply_states')
+const Scheduler = require('./scheduler')
 
 const clientId = uuid()
 
@@ -57,7 +58,8 @@ class RemoteConfigManager extends EventEmitter {
           tracer_version: tracerVersion,
           service: config.service,
           env: config.env,
-          app_version: config.version
+          app_version: config.version,
+          extra_services: []
         },
         capabilities: DEFAULT_CAPABILITY // updated by `updateCapabilities()`
       },
@@ -113,8 +115,14 @@ class RemoteConfigManager extends EventEmitter {
     this.state.client.products = this.eventNames().filter(e => typeof e === 'string')
   }
 
+  getPayload () {
+    this.state.client.client_tracer.extra_services = getExtraServices()
+
+    return JSON.stringify(this.state)
+  }
+
   poll (cb) {
-    request(JSON.stringify(this.state), this.requestOptions, (err, data, statusCode) => {
+    request(this.getPayload(), this.requestOptions, (err, data, statusCode) => {
       // 404 means RC is disabled, ignore it
       if (statusCode === 404) return cb()
 

package/packages/dd-trace/src/appsec/reporter.js

@@ -69,16 +69,18 @@ function formatHeaderName (name) {
     .toLowerCase()
 }
 
-function reportWafInit (wafVersion, rulesInfo) {
+function reportWafInit (wafVersion, rulesVersion, diagnosticsRules = {}) {
   metricsQueue.set('_dd.appsec.waf.version', wafVersion)
 
-  metricsQueue.set('_dd.appsec.event_rules.loaded', rulesInfo.loaded)
-  metricsQueue.set('_dd.appsec.event_rules.error_count', rulesInfo.failed)
-  if (rulesInfo.failed) metricsQueue.set('_dd.appsec.event_rules.errors', JSON.stringify(rulesInfo.errors))
+  metricsQueue.set('_dd.appsec.event_rules.loaded', diagnosticsRules.loaded?.length || 0)
+  metricsQueue.set('_dd.appsec.event_rules.error_count', diagnosticsRules.failed?.length || 0)
+  if (diagnosticsRules.failed?.length) {
+    metricsQueue.set('_dd.appsec.event_rules.errors', JSON.stringify(diagnosticsRules.errors))
+  }
 
   metricsQueue.set('manual.keep', 'true')
 
-  incrementWafInitMetric(wafVersion, rulesInfo.version)
+  incrementWafInitMetric(wafVersion, rulesVersion)
 }
 
 function reportMetrics (metrics) {

package/packages/dd-trace/src/appsec/telemetry.js

@@ -51,7 +51,7 @@ function trackWafDurations (metrics, versionsTags) {
   }
 }
 
-function getOrCreateMetricTags ({ wafVersion, rulesVersion }, req, versionsTags) {
+function getOrCreateMetricTags (req, versionsTags) {
   const store = getStore(req)
 
   let metricTags = store[DD_TELEMETRY_WAF_RESULT_TAGS]
@@ -75,7 +75,7 @@ function updateWafRequestsMetricTags (metrics, req) {
 
   trackWafDurations(metrics, versionsTags)
 
-  const metricTags = getOrCreateMetricTags(metrics, req, versionsTags)
+  const metricTags = getOrCreateMetricTags(req, versionsTags)
 
   const { blockTriggered, ruleTriggered, wafTimeout } = metrics
 

package/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js

@@ -2,24 +2,35 @@
 
 const log = require('../../log')
 const Reporter = require('../reporter')
+const addresses = require('../addresses')
+
+// TODO: remove once ephemeral addresses are implemented
+const preventDuplicateAddresses = new Set([
+  addresses.HTTP_INCOMING_QUERY
+])
 
 class WAFContextWrapper {
-  constructor (ddwafContext, requiredAddresses, wafTimeout, rulesInfo, wafVersion) {
+  constructor (ddwafContext, requiredAddresses, wafTimeout, wafVersion, rulesVersion) {
     this.ddwafContext = ddwafContext
     this.requiredAddresses = requiredAddresses
     this.wafTimeout = wafTimeout
-    this.rulesVersion = rulesInfo.version
     this.wafVersion = wafVersion
+    this.rulesVersion = rulesVersion
+    this.addressesToSkip = new Set()
   }
 
   run (params) {
     const inputs = {}
     let someInputAdded = false
+    const newAddressesToSkip = new Set(this.addressesToSkip)
 
     // TODO: possible optimizaion: only send params that haven't already been sent with same value to this wafContext
     for (const key of Object.keys(params)) {
-      if (this.requiredAddresses.has(key)) {
+      if (this.requiredAddresses.has(key) && !this.addressesToSkip.has(key)) {
         inputs[key] = params[key]
+        if (preventDuplicateAddresses.has(key)) {
+          newAddressesToSkip.add(key)
+        }
         someInputAdded = true
       }
     }
@@ -33,7 +44,9 @@ class WAFContextWrapper {
 
       const end = process.hrtime.bigint()
 
-      const ruleTriggered = !!result.data && result.data !== '[]'
+      this.addressesToSkip = newAddressesToSkip
+
+      const ruleTriggered = !!result.events?.length
       const blockTriggered = result.actions?.includes('block')
 
       Reporter.reportMetrics({
@@ -47,7 +60,7 @@ class WAFContextWrapper {
       })
 
       if (ruleTriggered) {
-        Reporter.reportAttack(result.data)
+        Reporter.reportAttack(JSON.stringify(result.events))
       }
 
       return result.actions

package/packages/dd-trace/src/appsec/waf/waf_manager.js

@@ -12,8 +12,9 @@ class WAFManager {
     this.wafTimeout = config.wafTimeout
     this.ddwaf = this._loadDDWAF(rules)
     this.ddwafVersion = this.ddwaf.constructor.version()
+    this.rulesVersion = this.ddwaf.diagnostics.ruleset_version
 
-    Reporter.reportWafInit(this.ddwafVersion, this.ddwaf.rulesInfo)
+    Reporter.reportWafInit(this.ddwafVersion, this.rulesVersion, this.ddwaf.diagnostics.rules)
   }
 
   _loadDDWAF (rules) {
@@ -38,8 +39,8 @@ class WAFManager {
         this.ddwaf.createContext(),
         this.ddwaf.requiredAddresses,
         this.wafTimeout,
-        this.ddwaf.rulesInfo,
-        this.ddwafVersion
+        this.ddwafVersion,
+        this.rulesVersion
       )
       contexts.set(req, wafContext)
     }
@@ -50,7 +51,7 @@ class WAFManager {
   update (newRules) {
     this.ddwaf.update(newRules)
 
-    Reporter.reportWafUpdate(this.ddwafVersion, this.ddwaf.rulesInfo.version)
+    Reporter.reportWafUpdate(this.ddwafVersion, this.rulesVersion)
   }
 
   destroy () {

package/packages/dd-trace/src/ci-visibility/intelligent-test-runner/get-itr-configuration.js

@@ -28,25 +28,12 @@ function getItrConfiguration ({
   if (isEvpProxy) {
     options.path = '/evp_proxy/v2/api/v2/libraries/tests/services/setting'
     options.headers['X-Datadog-EVP-Subdomain'] = 'api'
-    options.headers['X-Datadog-NeedsAppKey'] = 'true'
   } else {
     const apiKey = process.env.DATADOG_API_KEY || process.env.DD_API_KEY
-    const appKey = process.env.DATADOG_APP_KEY ||
-      process.env.DD_APP_KEY ||
-      process.env.DATADOG_APPLICATION_KEY ||
-      process.env.DD_APPLICATION_KEY
-
-    const messagePrefix = 'Request to settings endpoint was not done because Datadog'
-
-    if (!appKey) {
-      return done(new Error(`${messagePrefix} application key is not defined.`))
-    }
     if (!apiKey) {
-      return done(new Error(`${messagePrefix} API key is not defined.`))
+      return done(new Error('Request to settings endpoint was not done because Datadog API key is not defined.'))
     }
-
     options.headers['dd-api-key'] = apiKey
-    options.headers['dd-application-key'] = appKey
   }
 
   const data = JSON.stringify({

package/packages/dd-trace/src/ci-visibility/intelligent-test-runner/get-skippable-suites.js

@@ -28,25 +28,13 @@ function getSkippableSuites ({
   if (isEvpProxy) {
     options.path = '/evp_proxy/v2/api/v2/ci/tests/skippable'
     options.headers['X-Datadog-EVP-Subdomain'] = 'api'
-    options.headers['X-Datadog-NeedsAppKey'] = 'true'
   } else {
     const apiKey = process.env.DATADOG_API_KEY || process.env.DD_API_KEY
-    const appKey = process.env.DATADOG_APP_KEY ||
-      process.env.DD_APP_KEY ||
-      process.env.DATADOG_APPLICATION_KEY ||
-      process.env.DD_APPLICATION_KEY
-
-    const messagePrefix = 'Skippable suites were not fetched because Datadog'
-
-    if (!appKey) {
-      return done(new Error(`${messagePrefix} application key is not defined.`))
-    }
     if (!apiKey) {
-      return done(new Error(`${messagePrefix} API key is not defined.`))
+      return done(new Error('Skippable suites were not fetched because Datadog API key is not defined.'))
     }
 
     options.headers['dd-api-key'] = apiKey
-    options.headers['dd-application-key'] = appKey
   }
 
   const data = JSON.stringify({

package/packages/dd-trace/src/config.js

@@ -179,6 +179,11 @@ class Config {
       false
     )
 
+    const DD_TRACE_MEMCACHED_COMMAND_ENABLED = coalesce(
+      process.env.DD_TRACE_MEMCACHED_COMMAND_ENABLED,
+      false
+    )
+
     const DD_SERVICE = options.service ||
       process.env.DD_SERVICE ||
       process.env.DD_SERVICE_NAME ||
@@ -629,6 +634,9 @@ ken|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)
 
     this.openaiSpanCharLimit = DD_OPENAI_SPAN_CHAR_LIMIT
 
+    // Requires an accompanying DD_APM_OBFUSCATION_MEMCACHED_KEEP_COMMAND=true in the agent
+    this.memcachedCommandEnabled = isTrue(DD_TRACE_MEMCACHED_COMMAND_ENABLED)
+
     if (this.gitMetadataEnabled) {
       this.repositoryUrl = coalesce(
         process.env.DD_GIT_REPOSITORY_URL,

package/packages/dd-trace/src/datastreams/processor.js

@@ -66,7 +66,9 @@ class DataStreamsProcessor {
     port,
     url,
     env,
-    tags
+    tags,
+    version,
+    service
   } = {}) {
     this.writer = new DataStreamsWriter({
       hostname,
@@ -79,7 +81,8 @@ class DataStreamsProcessor {
     this.enabled = dsmEnabled
     this.env = env
     this.tags = tags || {}
-    this.service = this.tags.service || 'unnamed-nodejs-service'
+    this.service = service || 'unnamed-nodejs-service'
+    this.version = version || ''
     this.sequence = 0
 
     if (this.enabled) {
@@ -96,6 +99,7 @@ class DataStreamsProcessor {
       Service: this.service,
       Stats: serialized,
       TracerVersion: pkg.version,
+      Version: this.version,
       Lang: 'javascript'
     }
     this.writer.flush(payload)

package/packages/dd-trace/src/format.js

@@ -4,6 +4,7 @@ const constants = require('./constants')
 const tags = require('../../../ext/tags')
 const id = require('./id')
 const { isError } = require('./util')
+const { registerExtraService } = require('./service-naming/extra-services')
 
 const SAMPLING_PRIORITY_KEY = constants.SAMPLING_PRIORITY_KEY
 const SAMPLING_RULE_DECISION = constants.SAMPLING_RULE_DECISION
@@ -13,7 +14,7 @@ const SPAN_SAMPLING_MECHANISM = constants.SPAN_SAMPLING_MECHANISM
 const SPAN_SAMPLING_RULE_RATE = constants.SPAN_SAMPLING_RULE_RATE
 const SPAN_SAMPLING_MAX_PER_SECOND = constants.SPAN_SAMPLING_MAX_PER_SECOND
 const SAMPLING_MECHANISM_SPAN = constants.SAMPLING_MECHANISM_SPAN
-const MEASURED = tags.MEASURED
+const { MEASURED, BASE_SERVICE } = tags
 const ORIGIN_KEY = constants.ORIGIN_KEY
 const HOSTNAME_KEY = constants.HOSTNAME_KEY
 const TOP_LEVEL_KEY = constants.TOP_LEVEL_KEY
@@ -73,6 +74,13 @@ function extractTags (trace, span) {
     addTag({}, trace.metrics, MEASURED, 1)
   }
 
+  const tracerService = span.tracer()._service.toLowerCase()
+  if (tags['service.name']?.toLowerCase() !== tracerService) {
+    span.setTag(BASE_SERVICE, tracerService)
+
+    registerExtraService(tags['service.name'])
+  }
+
   for (const tag in tags) {
     switch (tag) {
       case 'service.name':

package/packages/dd-trace/src/opentracing/propagation/text_map.js

@@ -343,10 +343,10 @@ class TextMapPropagator {
               spanContext._trace.origin = value
               break
             case 't.dm': {
-              const mechanism = -Math.abs(parseInt(value, 10))
+              const mechanism = Math.abs(parseInt(value, 10))
               if (Number.isInteger(mechanism)) {
                 spanContext._sampling.mechanism = mechanism
-                spanContext._trace.tags['_dd.p.dm'] = String(mechanism)
+                spanContext._trace.tags['_dd.p.dm'] = `-${mechanism}`
               }
               break
             }

package/packages/dd-trace/src/opentracing/tracer.js

@@ -26,8 +26,6 @@ class DatadogTracer {
     this._version = config.version
     this._env = config.env
     this._tags = config.tags
-    this._computePeerService = config.spanComputePeerService
-    this._peerServiceMapping = config.peerServiceMapping
     this._logInjection = config.logInjection
     this._debug = config.debug
     this._prioritySampler = new PrioritySampler(config.env, config.sampler)

package/packages/dd-trace/src/plugin_manager.js

@@ -72,11 +72,10 @@ module.exports = class PluginManager {
     const Plugin = pluginClasses[name]
 
     if (!Plugin) return
+    if (!this._tracerConfig) return // TODO: don't wait for tracer to be initialized
     if (!this._pluginsByName[name]) {
       this._pluginsByName[name] = new Plugin(this._tracer, this._tracerConfig)
     }
-    if (!this._tracerConfig) return // TODO: don't wait for tracer to be initialized
-
     const pluginConfig = this._configsByName[name] || {
       enabled: this._tracerConfig.plugins !== false
     }
@@ -137,7 +136,8 @@ module.exports = class PluginManager {
       headerTags,
       dbmPropagationMode,
       dsmEnabled,
-      clientIpEnabled
+      clientIpEnabled,
+      memcachedCommandEnabled
     } = this._tracerConfig
 
     const sharedConfig = {}
@@ -152,6 +152,7 @@ module.exports = class PluginManager {
 
     sharedConfig.dbmPropagationMode = dbmPropagationMode
     sharedConfig.dsmEnabled = dsmEnabled
+    sharedConfig.memcachedCommandEnabled = memcachedCommandEnabled
 
     if (serviceMapping && serviceMapping[name]) {
       sharedConfig.service = serviceMapping[name]

package/packages/dd-trace/src/plugins/database.js

@@ -1,6 +1,7 @@
 'use strict'
 
 const StoragePlugin = require('./storage')
+const { PEER_SERVICE_KEY } = require('../constants')
 
 class DatabasePlugin extends StoragePlugin {
   static get operation () { return 'query' }
@@ -38,20 +39,29 @@ class DatabasePlugin extends StoragePlugin {
     `ddps='${encodedDdps}',ddpv='${encodedDdpv}'`
   }
 
-  injectDbmQuery (query, serviceName, isPreparedStatement = false) {
+  getDbmServiceName (span, tracerService) {
+    if (this._tracerConfig.spanComputePeerService) {
+      const peerData = this.getPeerService(span.context()._tags)
+      return this.getPeerServiceRemap(peerData)[PEER_SERVICE_KEY] || tracerService
+    }
+    return tracerService
+  }
+
+  injectDbmQuery (span, query, serviceName, isPreparedStatement = false) {
     const mode = this.config.dbmPropagationMode
+    const dbmService = this.getDbmServiceName(span, serviceName)
 
     if (mode === 'disabled') {
       return query
     }
 
-    const servicePropagation = this.createDBMPropagationCommentService(serviceName)
+    const servicePropagation = this.createDBMPropagationCommentService(dbmService)
 
     if (isPreparedStatement || mode === 'service') {
       return `/*${servicePropagation}*/ ${query}`
     } else if (mode === 'full') {
-      this.activeSpan.setTag('_dd.dbm_trace_injected', 'true')
-      const traceparent = this.activeSpan._spanContext.toTraceparent()
+      span.setTag('_dd.dbm_trace_injected', 'true')
+      const traceparent = span._spanContext.toTraceparent()
       return `/*${servicePropagation},traceparent='${traceparent}'*/ ${query}`
     }
   }

package/packages/dd-trace/src/plugins/index.js

@@ -64,6 +64,7 @@ module.exports = {
   get 'pg' () { return require('../../../datadog-plugin-pg/src') },
   get 'pino' () { return require('../../../datadog-plugin-pino/src') },
   get 'pino-pretty' () { return require('../../../datadog-plugin-pino/src') },
+  get 'playwright' () { return require('../../../datadog-plugin-playwright/src') },
   get 'redis' () { return require('../../../datadog-plugin-redis/src') },
   get 'restify' () { return require('../../../datadog-plugin-restify/src') },
   get 'rhea' () { return require('../../../datadog-plugin-rhea/src') },

package/packages/dd-trace/src/plugins/outbound.js

@@ -64,10 +64,11 @@ class OutboundPlugin extends TracingPlugin {
      * peer service and add the value we overrode.
      */
     const peerService = peerData[PEER_SERVICE_KEY]
-    if (peerService && this.tracer._peerServiceMapping[peerService]) {
+    const mappedService = this._tracerConfig.peerServiceMapping?.[peerService]
+    if (peerService && mappedService) {
       return {
         ...peerData,
-        [PEER_SERVICE_KEY]: this.tracer._peerServiceMapping[peerService],
+        [PEER_SERVICE_KEY]: mappedService,
         [PEER_SERVICE_REMAP_KEY]: peerService
       }
     }
@@ -80,7 +81,7 @@ class OutboundPlugin extends TracingPlugin {
   }
 
   tagPeerService (span) {
-    if (this.tracer._computePeerService) {
+    if (this._tracerConfig.spanComputePeerService) {
       const peerData = this.getPeerService(span.context()._tags)
       if (peerData !== undefined) {
         span.addTags(this.getPeerServiceRemap(peerData))

package/packages/dd-trace/src/plugins/util/ci.js

@@ -602,6 +602,23 @@ module.exports = {
       tags[refKey] = ref
     }
 
+    if (env.CODEBUILD_INITIATOR?.startsWith('codepipeline/')) {
+      const {
+        CODEBUILD_BUILD_ARN,
+        DD_ACTION_EXECUTION_ID,
+        DD_PIPELINE_EXECUTION_ID
+      } = env
+      tags = {
+        [CI_PROVIDER_NAME]: 'awscodepipeline',
+        [CI_PIPELINE_ID]: DD_PIPELINE_EXECUTION_ID,
+        [CI_ENV_VARS]: JSON.stringify({
+          CODEBUILD_BUILD_ARN,
+          DD_PIPELINE_EXECUTION_ID,
+          DD_ACTION_EXECUTION_ID
+        })
+      }
+    }
+
     normalizeTag(tags, CI_WORKSPACE_PATH, resolveTilde)
     normalizeTag(tags, GIT_REPOSITORY_URL, filterSensitiveInfoFromRepository)
     normalizeTag(tags, GIT_BRANCH, normalizeRef)

package/packages/dd-trace/src/plugins/util/git.js

@@ -61,15 +61,37 @@ function unshallowRepository () {
   }
   const defaultRemoteName = sanitizedExec('git', ['config', '--default', 'origin', '--get', 'clone.defaultRemoteName'])
   const revParseHead = sanitizedExec('git', ['rev-parse', 'HEAD'])
-  sanitizedExec('git', [
+
+  const baseGitOptions = [
     'fetch',
     '--shallow-since="1 month ago"',
     '--update-shallow',
     '--filter=blob:none',
     '--recurse-submodules=no',
-    defaultRemoteName,
-    revParseHead
-  ])
+    defaultRemoteName
+  ]
+
+  try {
+    execFileSync('git', [
+      ...baseGitOptions,
+      revParseHead
+    ], { stdio: 'pipe' })
+  } catch (e) {
+    // If the local HEAD is a commit that has not been pushed to the remote, the above command will fail.
+    log.error(e)
+    const upstreamRemote = sanitizedExec('git', ['rev-parse', '--abbrev-ref', '--symbolic-full-name', '@{upstream}'])
+    try {
+      execFileSync('git', [
+        ...baseGitOptions,
+        upstreamRemote
+      ], { stdio: 'pipe' })
+    } catch (e) {
+      // If the CI is working on a detached HEAD or branch tracking hasn’t been set up, the above command will fail.
+      log.error(e)
+      // We use sanitizedExec here because if this last option fails, we'll give up.
+      sanitizedExec('git', baseGitOptions)
+    }
+  }
 }
 
 function getRepositoryUrl () {

package/packages/dd-trace/src/plugins/util/test.js

@@ -58,6 +58,8 @@ const TEST_ITR_SKIPPING_ENABLED = 'test.itr.tests_skipping.enabled'
 const TEST_ITR_SKIPPING_TYPE = 'test.itr.tests_skipping.type'
 const TEST_ITR_SKIPPING_COUNT = 'test.itr.tests_skipping.count'
 const TEST_CODE_COVERAGE_ENABLED = 'test.code_coverage.enabled'
+const TEST_ITR_UNSKIPPABLE = 'test.itr.unskippable'
+const TEST_ITR_FORCED_RUN = 'test.itr.forced_run'
 
 const TEST_CODE_COVERAGE_LINES_PCT = 'test.code_coverage.lines_pct'
 
@@ -107,6 +109,8 @@ module.exports = {
   TEST_ITR_SKIPPING_COUNT,
   TEST_CODE_COVERAGE_ENABLED,
   TEST_CODE_COVERAGE_LINES_PCT,
+  TEST_ITR_UNSKIPPABLE,
+  TEST_ITR_FORCED_RUN,
   addIntelligentTestRunnerSpanTags,
   getCoveredFilenamesFromCoverage,
   resetCoverage,
@@ -366,7 +370,9 @@ function addIntelligentTestRunnerSpanTags (
     isCodeCoverageEnabled,
     testCodeCoverageLinesTotal,
     skippingCount,
-    skippingType = 'suite'
+    skippingType = 'suite',
+    hasUnskippableSuites,
+    hasForcedToRunSuites
   }
 ) {
   testSessionSpan.setTag(TEST_ITR_TESTS_SKIPPED, isSuitesSkipped ? 'true' : 'false')
@@ -381,6 +387,15 @@ function addIntelligentTestRunnerSpanTags (
   testModuleSpan.setTag(TEST_ITR_SKIPPING_COUNT, skippingCount)
   testModuleSpan.setTag(TEST_CODE_COVERAGE_ENABLED, isCodeCoverageEnabled ? 'true' : 'false')
 
+  if (hasUnskippableSuites) {
+    testSessionSpan.setTag(TEST_ITR_UNSKIPPABLE, 'true')
+    testModuleSpan.setTag(TEST_ITR_UNSKIPPABLE, 'true')
+  }
+  if (hasForcedToRunSuites) {
+    testSessionSpan.setTag(TEST_ITR_FORCED_RUN, 'true')
+    testModuleSpan.setTag(TEST_ITR_FORCED_RUN, 'true')
+  }
+
   // If suites have been skipped we don't want to report the total coverage, as it will be wrong
   if (testCodeCoverageLinesTotal !== undefined && !isSuitesSkipped) {
     testSessionSpan.setTag(TEST_CODE_COVERAGE_LINES_PCT, testCodeCoverageLinesTotal)

package/packages/dd-trace/src/profiling/config.js

@@ -37,6 +37,8 @@ class Config {
       DD_PROFILING_EXPERIMENTAL_OOM_HEAP_LIMIT_EXTENSION_SIZE,
       DD_PROFILING_EXPERIMENTAL_OOM_MAX_HEAP_EXTENSION_COUNT,
       DD_PROFILING_EXPERIMENTAL_OOM_EXPORT_STRATEGIES,
+      DD_PROFILING_CODEHOTSPOTS_ENABLED,
+      DD_PROFILING_ENDPOINT_COLLECTION_ENABLED,
       DD_PROFILING_EXPERIMENTAL_CODEHOTSPOTS_ENABLED,
       DD_PROFILING_EXPERIMENTAL_ENDPOINT_COLLECTION_ENABLED
     } = process.env
@@ -53,8 +55,6 @@ class Config {
       Number(DD_PROFILING_UPLOAD_TIMEOUT), 60 * 1000)
     const sourceMap = coalesce(options.sourceMap,
       DD_PROFILING_SOURCE_MAP, true)
-    const endpointCollectionEnabled = coalesce(options.endpointCollection,
-      DD_PROFILING_EXPERIMENTAL_ENDPOINT_COLLECTION_ENABLED, false)
     const pprofPrefix = coalesce(options.pprofPrefix,
       DD_PROFILING_PPROF_PREFIX, '')
 
@@ -71,11 +71,25 @@ class Config {
       tagger.parse({ env, host, service, version, functionname })
     )
     this.logger = ensureLogger(options.logger)
+    const logger = this.logger
+    function logExperimentalVarDeprecation (shortVarName) {
+      const deprecatedEnvVarName = `DD_PROFILING_EXPERIMENTAL_${shortVarName}`
+      const v = process.env[deprecatedEnvVarName]
+      // not null, undefined, or NaN -- same logic as koalas.hasValue
+      // eslint-disable-next-line no-self-compare
+      if (v != null && v === v) {
+        logger.warn(`${deprecatedEnvVarName} is deprecated. Use DD_PROFILING_${shortVarName} instead.`)
+      }
+    }
     this.flushInterval = flushInterval
     this.uploadTimeout = uploadTimeout
     this.sourceMap = sourceMap
     this.debugSourceMaps = isTrue(coalesce(options.debugSourceMaps, DD_PROFILING_DEBUG_SOURCE_MAPS, false))
-    this.endpointCollectionEnabled = endpointCollectionEnabled
+    this.endpointCollectionEnabled = isTrue(coalesce(options.endpointCollection,
+      DD_PROFILING_ENDPOINT_COLLECTION_ENABLED,
+      DD_PROFILING_EXPERIMENTAL_ENDPOINT_COLLECTION_ENABLED, false))
+    logExperimentalVarDeprecation('ENDPOINT_COLLECTION_ENABLED')
+
     this.pprofPrefix = pprofPrefix
     this.v8ProfilerBugWorkaroundEnabled = isTrue(coalesce(options.v8ProfilerBugWorkaround,
       DD_PROFILING_V8_PROFILER_BUG_WORKAROUND, true))
@@ -113,8 +127,25 @@ class Config {
     const profilers = options.profilers
       ? options.profilers
       : getProfilers({ DD_PROFILING_HEAP_ENABLED, DD_PROFILING_WALLTIME_ENABLED, DD_PROFILING_PROFILERS })
-    this.codeHotspotsEnabled = isTrue(coalesce(options.codeHotspotsEnabled,
-      DD_PROFILING_EXPERIMENTAL_CODEHOTSPOTS_ENABLED, false))
+
+    function getCodeHotspotsOptionsOr (defvalue) {
+      return coalesce(options.codeHotspotsEnabled,
+        DD_PROFILING_CODEHOTSPOTS_ENABLED,
+        DD_PROFILING_EXPERIMENTAL_CODEHOTSPOTS_ENABLED, defvalue)
+    }
+    this.codeHotspotsEnabled = isTrue(getCodeHotspotsOptionsOr(false))
+    logExperimentalVarDeprecation('CODEHOTSPOTS_ENABLED')
+    if (this.endpointCollectionEnabled && !this.codeHotspotsEnabled) {
+      if (getCodeHotspotsOptionsOr(undefined) !== undefined) {
+        this.logger.warn(
+          'Endpoint collection is enabled, but Code Hotspots are disabled. ' +
+          'Enable Code Hotspots too for endpoint collection to work.')
+        this.endpointCollectionEnabled = false
+      } else {
+        this.logger.info('Code Hotspots are implicitly enabled by endpoint collection.')
+        this.codeHotspotsEnabled = true
+      }
+    }
 
     this.profilers = ensureProfilers(profilers, this)
   }