dd-trace 4.51.1 → 4.53.0

package/packages/dd-trace/src/config.js

@@ -132,11 +132,11 @@ function checkIfBothOtelAndDdEnvVarSet () {
 const fromEntries = Object.fromEntries || (entries =>
   entries.reduce((obj, [k, v]) => Object.assign(obj, { [k]: v }), {}))
 
-// eslint-disable-next-line max-len
+// eslint-disable-next-line @stylistic/js/max-len
 const qsRegex = '(?:p(?:ass)?w(?:or)?d|pass(?:_?phrase)?|secret|(?:api_?|private_?|public_?|access_?|secret_?)key(?:_?id)?|token|consumer_?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?)(?:(?:\\s|%20)*(?:=|%3D)[^&]+|(?:"|%22)(?:\\s|%20)*(?::|%3A)(?:\\s|%20)*(?:"|%22)(?:%2[^2]|%[^2]|[^"%])+(?:"|%22))|bearer(?:\\s|%20)+[a-z0-9\\._\\-]+|token(?::|%3A)[a-z0-9]{13}|gh[opsu]_[0-9a-zA-Z]{36}|ey[I-L](?:[\\w=-]|%3D)+\\.ey[I-L](?:[\\w=-]|%3D)+(?:\\.(?:[\\w.+\\/=-]|%3D|%2F|%2B)+)?|[\\-]{5}BEGIN(?:[a-z\\s]|%20)+PRIVATE(?:\\s|%20)KEY[\\-]{5}[^\\-]+[\\-]{5}END(?:[a-z\\s]|%20)+PRIVATE(?:\\s|%20)KEY|ssh-rsa(?:\\s|%20)*(?:[a-z0-9\\/\\.+]|%2F|%5C|%2B){100,}'
-// eslint-disable-next-line max-len
+// eslint-disable-next-line @stylistic/js/max-len
 const defaultWafObfuscatorKeyRegex = '(?i)pass|pw(?:or)?d|secret|(?:api|private|public|access)[_-]?key|token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)|bearer|authorization|jsessionid|phpsessid|asp\\.net[_-]sessionid|sid|jwt'
-// eslint-disable-next-line max-len
+// eslint-disable-next-line @stylistic/js/max-len
 const defaultWafObfuscatorValueRegex = '(?i)(?:p(?:ass)?w(?:or)?d|pass(?:[_-]?phrase)?|secret(?:[_-]?key)?|(?:(?:api|private|public|access)[_-]?)key(?:[_-]?id)?|(?:(?:auth|access|id|refresh)[_-]?)?token|consumer[_-]?(?:id|key|secret)|sign(?:ed|ature)?|auth(?:entication|orization)?|jsessionid|phpsessid|asp\\.net(?:[_-]|-)sessionid|sid|jwt)(?:\\s*=[^;]|"\\s*:\\s*"[^"]+")|bearer\\s+[a-z0-9\\._\\-]+|token:[a-z0-9]{13}|gh[opsu]_[0-9a-zA-Z]{36}|ey[I-L][\\w=-]+\\.ey[I-L][\\w=-]+(?:\\.[\\w.+\\/=-]+)?|[\\-]{5}BEGIN[a-z\\s]+PRIVATE\\sKEY[\\-]{5}[^\\-]+[\\-]{5}END[a-z\\s]+PRIVATE\\sKEY|ssh-rsa\\s*[a-z0-9\\/\\.+]{100,}'
 const runtimeId = uuid()
 
@@ -145,7 +145,7 @@ function maybeFile (filepath) {
   try {
     return fs.readFileSync(filepath, 'utf8')
   } catch (e) {
-    log.error(e)
+    log.error('Error reading file %s', filepath, e)
     return undefined
   }
 }
@@ -378,7 +378,7 @@ class Config {
         } catch (e) {
           // Only log error if the user has set a git.properties path
           if (process.env.DD_GIT_PROPERTIES_FILE) {
-            log.error(e)
+            log.error('Error reading DD_GIT_PROPERTIES_FILE: %s', DD_GIT_PROPERTIES_FILE, e)
           }
         }
         if (gitPropertiesString) {
@@ -449,8 +449,7 @@ class Config {
     this._setValue(defaults, 'appsec.blockedTemplateHtml', undefined)
     this._setValue(defaults, 'appsec.blockedTemplateJson', undefined)
     this._setValue(defaults, 'appsec.enabled', undefined)
-    this._setValue(defaults, 'appsec.eventTracking.enabled', true)
-    this._setValue(defaults, 'appsec.eventTracking.mode', 'safe')
+    this._setValue(defaults, 'appsec.eventTracking.mode', 'identification')
     this._setValue(defaults, 'appsec.obfuscatorKeyRegex', defaultWafObfuscatorKeyRegex)
     this._setValue(defaults, 'appsec.obfuscatorValueRegex', defaultWafObfuscatorValueRegex)
     this._setValue(defaults, 'appsec.rasp.enabled', true)
@@ -467,7 +466,7 @@ class Config {
     this._setValue(defaults, 'ciVisibilityTestSessionName', '')
     this._setValue(defaults, 'clientIpEnabled', false)
     this._setValue(defaults, 'clientIpHeader', null)
-    this._setValue(defaults, 'crashtracking.enabled', false)
+    this._setValue(defaults, 'crashtracking.enabled', true)
     this._setValue(defaults, 'codeOriginForSpans.enabled', false)
     this._setValue(defaults, 'dbmPropagationMode', 'disabled')
     this._setValue(defaults, 'dogstatsd.hostname', '127.0.0.1')
@@ -486,6 +485,7 @@ class Config {
     this._setValue(defaults, 'headerTags', [])
     this._setValue(defaults, 'hostname', '127.0.0.1')
     this._setValue(defaults, 'iast.cookieFilterPattern', '.{32,}')
+    this._setValue(defaults, 'iast.dbRowsToTaint', 1)
     this._setValue(defaults, 'iast.deduplicationEnabled', true)
     this._setValue(defaults, 'iast.enabled', false)
     this._setValue(defaults, 'iast.maxConcurrentRequests', 2)
@@ -553,7 +553,7 @@ class Config {
     this._setValue(defaults, 'telemetry.dependencyCollection', true)
     this._setValue(defaults, 'telemetry.enabled', true)
     this._setValue(defaults, 'telemetry.heartbeatInterval', 60000)
-    this._setValue(defaults, 'telemetry.logCollection', false)
+    this._setValue(defaults, 'telemetry.logCollection', true)
     this._setValue(defaults, 'telemetry.metrics', true)
     this._setValue(defaults, 'traceEnabled', true)
     this._setValue(defaults, 'traceId128BitGenerationEnabled', true)
@@ -566,6 +566,7 @@ class Config {
     this._setValue(defaults, 'url', undefined)
     this._setValue(defaults, 'version', pkg.version)
     this._setValue(defaults, 'instrumentation_config_id', undefined)
+    this._setValue(defaults, 'aws.dynamoDb.tablePrimaryKeys', undefined)
   }
 
   _applyEnvironment () {
@@ -574,6 +575,7 @@ class Config {
       DD_AGENT_HOST,
       DD_API_SECURITY_ENABLED,
       DD_API_SECURITY_SAMPLE_DELAY,
+      DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE,
       DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING,
       DD_APPSEC_ENABLED,
       DD_APPSEC_GRAPHQL_BLOCKED_TEMPLATE_JSON,
@@ -589,11 +591,13 @@ class Config {
       DD_APPSEC_RASP_ENABLED,
       DD_APPSEC_TRACE_RATE_LIMIT,
       DD_APPSEC_WAF_TIMEOUT,
+      DD_AWS_SDK_DYNAMODB_TABLE_PRIMARY_KEYS,
       DD_CRASHTRACKING_ENABLED,
       DD_CODE_ORIGIN_FOR_SPANS_ENABLED,
       DD_DATA_STREAMS_ENABLED,
       DD_DBM_PROPAGATION_MODE,
       DD_DOGSTATSD_HOSTNAME,
+      DD_DOGSTATSD_HOST,
       DD_DOGSTATSD_PORT,
       DD_DYNAMIC_INSTRUMENTATION_ENABLED,
       DD_ENV,
@@ -604,6 +608,7 @@ class Config {
       DD_GRPC_SERVER_ERROR_STATUSES,
       JEST_WORKER_ID,
       DD_IAST_COOKIE_FILTER_PATTERN,
+      DD_IAST_DB_ROWS_TO_TAINT,
       DD_IAST_DEDUPLICATION_ENABLED,
       DD_IAST_ENABLED,
       DD_IAST_MAX_CONCURRENT_REQUESTS,
@@ -711,11 +716,10 @@ class Config {
     this._setValue(env, 'appsec.blockedTemplateJson', maybeFile(DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON))
     this._envUnprocessed['appsec.blockedTemplateJson'] = DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON
     this._setBoolean(env, 'appsec.enabled', DD_APPSEC_ENABLED)
-    if (DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING) {
-      this._setValue(env, 'appsec.eventTracking.enabled',
-        ['extended', 'safe'].includes(DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING.toLowerCase()))
-      this._setValue(env, 'appsec.eventTracking.mode', DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING.toLowerCase())
-    }
+    this._setString(env, 'appsec.eventTracking.mode', coalesce(
+      DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE,
+      DD_APPSEC_AUTOMATED_USER_EVENTS_TRACKING // TODO: remove in next major
+    ))
     this._setString(env, 'appsec.obfuscatorKeyRegex', DD_APPSEC_OBFUSCATION_PARAMETER_KEY_REGEXP)
     this._setString(env, 'appsec.obfuscatorValueRegex', DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP)
     this._setBoolean(env, 'appsec.rasp.enabled', DD_APPSEC_RASP_ENABLED)
@@ -739,7 +743,7 @@ class Config {
     this._setBoolean(env, 'crashtracking.enabled', DD_CRASHTRACKING_ENABLED)
     this._setBoolean(env, 'codeOriginForSpans.enabled', DD_CODE_ORIGIN_FOR_SPANS_ENABLED)
     this._setString(env, 'dbmPropagationMode', DD_DBM_PROPAGATION_MODE)
-    this._setString(env, 'dogstatsd.hostname', DD_DOGSTATSD_HOSTNAME)
+    this._setString(env, 'dogstatsd.hostname', DD_DOGSTATSD_HOST || DD_DOGSTATSD_HOSTNAME)
     this._setString(env, 'dogstatsd.port', DD_DOGSTATSD_PORT)
     this._setBoolean(env, 'dsmEnabled', DD_DATA_STREAMS_ENABLED)
     this._setBoolean(env, 'dynamicInstrumentationEnabled', DD_DYNAMIC_INSTRUMENTATION_ENABLED)
@@ -757,6 +761,7 @@ class Config {
     this._setArray(env, 'headerTags', DD_TRACE_HEADER_TAGS)
     this._setString(env, 'hostname', coalesce(DD_AGENT_HOST, DD_TRACE_AGENT_HOSTNAME))
     this._setString(env, 'iast.cookieFilterPattern', DD_IAST_COOKIE_FILTER_PATTERN)
+    this._setValue(env, 'iast.dbRowsToTaint', maybeInt(DD_IAST_DB_ROWS_TO_TAINT))
     this._setBoolean(env, 'iast.deduplicationEnabled', DD_IAST_DEDUPLICATION_ENABLED)
     this._setBoolean(env, 'iast.enabled', DD_IAST_ENABLED)
     this._setValue(env, 'iast.maxConcurrentRequests', maybeInt(DD_IAST_MAX_CONCURRENT_REQUESTS))
@@ -876,6 +881,7 @@ class Config {
     this._setBoolean(env, 'tracing', DD_TRACING_ENABLED)
     this._setString(env, 'version', DD_VERSION || tags.version)
     this._setBoolean(env, 'inferredProxyServicesEnabled', DD_TRACE_INFERRED_PROXY_SERVICES_ENABLED)
+    this._setString(env, 'aws.dynamoDb.tablePrimaryKeys', DD_AWS_SDK_DYNAMODB_TABLE_PRIMARY_KEYS)
   }
 
   _applyOptions (options) {
@@ -894,12 +900,7 @@ class Config {
     this._setValue(opts, 'appsec.blockedTemplateJson', maybeFile(options.appsec.blockedTemplateJson))
     this._optsUnprocessed['appsec.blockedTemplateJson'] = options.appsec.blockedTemplateJson
     this._setBoolean(opts, 'appsec.enabled', options.appsec.enabled)
-    let eventTracking = options.appsec.eventTracking?.mode
-    if (eventTracking) {
-      eventTracking = eventTracking.toLowerCase()
-      this._setValue(opts, 'appsec.eventTracking.enabled', ['extended', 'safe'].includes(eventTracking))
-      this._setValue(opts, 'appsec.eventTracking.mode', eventTracking)
-    }
+    this._setString(opts, 'appsec.eventTracking.mode', options.appsec.eventTracking?.mode)
     this._setString(opts, 'appsec.obfuscatorKeyRegex', options.appsec.obfuscatorKeyRegex)
     this._setString(opts, 'appsec.obfuscatorValueRegex', options.appsec.obfuscatorValueRegex)
     this._setBoolean(opts, 'appsec.rasp.enabled', options.appsec.rasp?.enabled)
@@ -937,6 +938,7 @@ class Config {
     this._setArray(opts, 'headerTags', options.headerTags)
     this._setString(opts, 'hostname', options.hostname)
     this._setString(opts, 'iast.cookieFilterPattern', options.iast?.cookieFilterPattern)
+    this._setValue(opts, 'iast.dbRowsToTaint', maybeInt(options.iast?.dbRowsToTaint))
     this._setBoolean(opts, 'iast.deduplicationEnabled', options.iast && options.iast.deduplicationEnabled)
     this._setBoolean(opts, 'iast.enabled',
       options.iast && (options.iast === true || options.iast.enabled === true))
@@ -1141,16 +1143,6 @@ class Config {
       calc['tracePropagationStyle.inject'] = calc['tracePropagationStyle.inject'] || defaultPropagationStyle
       calc['tracePropagationStyle.extract'] = calc['tracePropagationStyle.extract'] || defaultPropagationStyle
     }
-
-    const iastEnabled = coalesce(this._options['iast.enabled'], this._env['iast.enabled'])
-    const profilingEnabled = coalesce(this._options['profiling.enabled'], this._env['profiling.enabled'])
-    const injectionIncludesProfiler = (this._env.injectionEnabled || []).includes('profiler')
-    if (iastEnabled || ['auto', 'true'].includes(profilingEnabled) || injectionIncludesProfiler) {
-      this._setBoolean(calc, 'telemetry.logCollection', true)
-    }
-    if (this._env.injectionEnabled?.length > 0) {
-      this._setBoolean(calc, 'crashtracking.enabled', true)
-    }
   }
 
   _applyRemote (options) {
@@ -1288,7 +1280,7 @@ class Config {
   // TODO: Deeply merge configurations.
   // TODO: Move change tracking to telemetry.
   // for telemetry reporting, `name`s in `containers` need to be keys from:
-  // eslint-disable-next-line max-len
+  // eslint-disable-next-line @stylistic/js/max-len
   // https://github.com/DataDog/dd-go/blob/prod/trace/apps/tracer-telemetry-intake/telemetry-payload/static/config_norm_rules.json
   _merge () {
     const containers = [this._remote, this._options, this._env, this._calculated, this._defaults]

package/packages/dd-trace/src/constants.js

@@ -47,6 +47,7 @@ module.exports = {
   SCHEMA_NAME: 'schema.name',
   GRPC_CLIENT_ERROR_STATUSES: [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16],
   GRPC_SERVER_ERROR_STATUSES: [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16],
+  DYNAMODB_PTR_KIND: 'aws.dynamodb.item',
   S3_PTR_KIND: 'aws.s3.object',
   SPAN_POINTER_DIRECTION: Object.freeze({
     UPSTREAM: 'u',

package/packages/dd-trace/src/crashtracking/crashtracker.js

@@ -20,7 +20,7 @@ class Crashtracker {
       binding.updateConfig(this._getConfig(config))
       binding.updateMetadata(this._getMetadata(config))
     } catch (e) {
-      log.error(e)
+      log.error('Error configuring crashtracker', e)
     }
   }
 
@@ -36,7 +36,7 @@ class Crashtracker {
         this._getMetadata(config)
       )
     } catch (e) {
-      log.error(e)
+      log.error('Error initialising crashtracker', e)
     }
   }
 
@@ -79,6 +79,7 @@ class Crashtracker {
         'language:javascript',
         `library_version:${pkg.version}`,
         'runtime:nodejs',
+        `runtime_version:${process.versions.node}`,
         'severity:crash'
       ]
     }

package/packages/dd-trace/src/datastreams/processor.js

@@ -1,7 +1,5 @@
 const os = require('os')
 const pkg = require('../../../../package.json')
-// Message pack int encoding is done in big endian, but data streams uses little endian
-const Uint64 = require('int64-buffer').Uint64BE
 
 const { LogCollapsingLowestDenseDDSketch } = require('@datadog/sketches-js')
 const { DsmPathwayCodec } = require('./pathway')
@@ -19,8 +17,8 @@ const HIGH_ACCURACY_DISTRIBUTION = 0.0075
 
 class StatsPoint {
   constructor (hash, parentHash, edgeTags) {
-    this.hash = new Uint64(hash)
-    this.parentHash = new Uint64(parentHash)
+    this.hash = hash.readBigUInt64BE()
+    this.parentHash = parentHash.readBigUInt64BE()
     this.edgeTags = edgeTags
     this.edgeLatency = new LogCollapsingLowestDenseDDSketch(HIGH_ACCURACY_DISTRIBUTION)
     this.pathwayLatency = new LogCollapsingLowestDenseDDSketch(HIGH_ACCURACY_DISTRIBUTION)
@@ -344,8 +342,8 @@ class DataStreamsProcessor {
         backlogs.push(backlog.encode())
       }
       serializedBuckets.push({
-        Start: new Uint64(timeNs),
-        Duration: new Uint64(this.bucketSizeNs),
+        Start: BigInt(timeNs),
+        Duration: BigInt(this.bucketSizeNs),
         Stats: points,
         Backlogs: backlogs
       })

package/packages/dd-trace/src/datastreams/writer.js

@@ -2,9 +2,10 @@ const pkg = require('../../../../package.json')
 const log = require('../log')
 const request = require('../exporters/common/request')
 const { URL, format } = require('url')
-const msgpack = require('msgpack-lite')
+const { MsgpackEncoder } = require('../msgpack')
 const zlib = require('zlib')
-const codec = msgpack.createCodec({ int64: true })
+
+const msgpack = new MsgpackEncoder()
 
 function makeRequest (data, url, cb) {
   const options = {
@@ -41,17 +42,17 @@ class DataStreamsWriter {
       log.debug(() => `Maximum number of active requests reached. Payload discarded: ${JSON.stringify(payload)}`)
       return
     }
-    const encodedPayload = msgpack.encode(payload, { codec })
+    const encodedPayload = msgpack.encode(payload)
 
     zlib.gzip(encodedPayload, { level: 1 }, (err, compressedData) => {
       if (err) {
-        log.error(err)
+        log.error('Error zipping datastream', err)
         return
       }
       makeRequest(compressedData, this._url, (err, res) => {
         log.debug(`Response from the agent: ${res}`)
         if (err) {
-          log.error(err)
+          log.error('Error sending datastream', err)
         }
       })
     })

package/packages/dd-trace/src/debugger/devtools_client/breakpoints.js

@@ -0,0 +1,80 @@
+'use strict'
+
+const session = require('./session')
+const { MAX_SNAPSHOTS_PER_SECOND_PER_PROBE, MAX_NON_SNAPSHOTS_PER_SECOND_PER_PROBE } = require('./defaults')
+const { findScriptFromPartialPath, probes, breakpoints } = require('./state')
+const log = require('../../log')
+
+let sessionStarted = false
+
+module.exports = {
+  addBreakpoint,
+  removeBreakpoint
+}
+
+async function addBreakpoint (probe) {
+  if (!sessionStarted) await start()
+
+  const file = probe.where.sourceFile
+  const line = Number(probe.where.lines[0]) // Tracer doesn't support multiple-line breakpoints
+
+  // Optimize for sending data to /debugger/v1/input endpoint
+  probe.location = { file, lines: [String(line)] }
+  delete probe.where
+
+  // Optimize for fast calculations when probe is hit
+  const snapshotsPerSecond = probe.sampling.snapshotsPerSecond ?? (probe.captureSnapshot
+    ? MAX_SNAPSHOTS_PER_SECOND_PER_PROBE
+    : MAX_NON_SNAPSHOTS_PER_SECOND_PER_PROBE)
+  probe.sampling.nsBetweenSampling = BigInt(1 / snapshotsPerSecond * 1e9)
+  probe.lastCaptureNs = 0n
+
+  // TODO: Inbetween `await session.post('Debugger.enable')` and here, the scripts are parsed and cached.
+  // Maybe there's a race condition here or maybe we're guraenteed that `await session.post('Debugger.enable')` will
+  // not continue untill all scripts have been parsed?
+  const script = findScriptFromPartialPath(file)
+  if (!script) throw new Error(`No loaded script found for ${file} (probe: ${probe.id}, version: ${probe.version})`)
+  const [path, scriptId] = script
+
+  log.debug(
+    '[debugger:devtools_client] Adding breakpoint at %s:%d (probe: %s, version: %d)',
+    path, line, probe.id, probe.version
+  )
+
+  const { breakpointId } = await session.post('Debugger.setBreakpoint', {
+    location: {
+      scriptId,
+      lineNumber: line - 1 // Beware! lineNumber is zero-indexed
+    }
+  })
+
+  probes.set(probe.id, breakpointId)
+  breakpoints.set(breakpointId, probe)
+}
+
+async function removeBreakpoint ({ id }) {
+  if (!sessionStarted) {
+    // We should not get in this state, but abort if we do, so the code doesn't fail unexpected
+    throw Error(`Cannot remove probe ${id}: Debugger not started`)
+  }
+  if (!probes.has(id)) {
+    throw Error(`Unknown probe id: ${id}`)
+  }
+
+  const breakpointId = probes.get(id)
+  await session.post('Debugger.removeBreakpoint', { breakpointId })
+  probes.delete(id)
+  breakpoints.delete(breakpointId)
+
+  if (breakpoints.size === 0) await stop()
+}
+
+async function start () {
+  sessionStarted = true
+  return session.post('Debugger.enable') // return instead of await to reduce number of promises created
+}
+
+async function stop () {
+  sessionStarted = false
+  return session.post('Debugger.disable') // return instead of await to reduce number of promises created
+}

package/packages/dd-trace/src/debugger/devtools_client/config.js

@@ -15,7 +15,9 @@ const config = module.exports = {
 updateUrl(parentConfig)
 
 configPort.on('message', updateUrl)
-configPort.on('messageerror', (err) => log.error(err))
+configPort.on('messageerror', (err) =>
+  log.error('[debugger:devtools_client] received "messageerror" on config port', err)
+)
 
 function updateUrl (updates) {
   config.url = updates.url || format({

package/packages/dd-trace/src/debugger/devtools_client/defaults.js

@@ -0,0 +1,6 @@
+'use strict'
+
+module.exports = {
+  MAX_SNAPSHOTS_PER_SECOND_PER_PROBE: 1,
+  MAX_NON_SNAPSHOTS_PER_SECOND_PER_PROBE: 5_000
+}

package/packages/dd-trace/src/debugger/devtools_client/index.js

@@ -13,28 +13,59 @@ const { version } = require('../../../../../package.json')
 
 require('./remote_config')
 
+// Expression to run on a call frame of the paused thread to get its active trace and span id.
+const expression = `
+  const context = global.require('dd-trace').scope().active()?.context();
+  ({ trace_id: context?.toTraceId(), span_id: context?.toSpanId() })
+`
+
 // There doesn't seem to be an official standard for the content of these fields, so we're just populating them with
 // something that should be useful to a Node.js developer.
 const threadId = parentThreadId === 0 ? `pid:${process.pid}` : `pid:${process.pid};tid:${parentThreadId}`
 const threadName = parentThreadId === 0 ? 'MainThread' : `WorkerThread:${parentThreadId}`
 
+// WARNING: The code above the line `await session.post('Debugger.resume')` is highly optimized. Please edit with care!
 session.on('Debugger.paused', async ({ params }) => {
   const start = process.hrtime.bigint()
-  const timestamp = Date.now()
 
   let captureSnapshotForProbe = null
   let maxReferenceDepth, maxCollectionSize, maxFieldCount, maxLength
-  const probes = params.hitBreakpoints.map((id) => {
+
+  // V8 doesn't allow seting more than one breakpoint at a specific location, however, it's possible to set two
+  // breakpoints just next to eachother that will "snap" to the same logical location, which in turn will be hit at the
+  // same time. E.g. index.js:1:1 and index.js:1:2.
+  // TODO: Investigate if it will improve performance to create a fast-path for when there's only a single breakpoint
+  let sampled = false
+  const length = params.hitBreakpoints.length
+  let probes = new Array(length)
+  for (let i = 0; i < length; i++) {
+    const id = params.hitBreakpoints[i]
     const probe = breakpoints.get(id)
-    if (probe.captureSnapshot) {
+
+    if (start - probe.lastCaptureNs < probe.sampling.nsBetweenSampling) {
+      continue
+    }
+
+    sampled = true
+    probe.lastCaptureNs = start
+
+    if (probe.captureSnapshot === true) {
       captureSnapshotForProbe = probe
       maxReferenceDepth = highestOrUndefined(probe.capture.maxReferenceDepth, maxReferenceDepth)
       maxCollectionSize = highestOrUndefined(probe.capture.maxCollectionSize, maxCollectionSize)
       maxFieldCount = highestOrUndefined(probe.capture.maxFieldCount, maxFieldCount)
       maxLength = highestOrUndefined(probe.capture.maxLength, maxLength)
     }
-    return probe
-  })
+
+    probes[i] = probe
+  }
+
+  if (sampled === false) {
+    return session.post('Debugger.resume')
+  }
+
+  const timestamp = Date.now()
+  const dd = await getDD(params.callFrames[0].callFrameId)
 
   let processLocalState
   if (captureSnapshotForProbe !== null) {
@@ -54,7 +85,13 @@ session.on('Debugger.paused', async ({ params }) => {
   await session.post('Debugger.resume')
   const diff = process.hrtime.bigint() - start // TODO: Recored as telemetry (DEBUG-2858)
 
-  log.debug(`Finished processing breakpoints - main thread paused for: ${Number(diff) / 1000000} ms`)
+  log.debug(
+    '[debugger:devtools_client] Finished processing breakpoints - main thread paused for: %d ms',
+    Number(diff) / 1000000
+  )
+
+  // Due to the highly optimized algorithm above, the `probes` array might have gaps
+  probes = probes.filter((probe) => !!probe)
 
   const logger = {
     // We can safely use `location.file` from the first probe in the array, since all probes hit by `hitBreakpoints`
@@ -92,8 +129,8 @@ session.on('Debugger.paused', async ({ params }) => {
     }
 
     // TODO: Process template (DEBUG-2628)
-    send(probe.template, logger, snapshot, (err) => {
-      if (err) log.error(err)
+    send(probe.template, logger, dd, snapshot, (err) => {
+      if (err) log.error('Debugger error', err)
       else ackEmitting(probe)
     })
   }
@@ -102,3 +139,21 @@ session.on('Debugger.paused', async ({ params }) => {
 function highestOrUndefined (num, max) {
   return num === undefined ? max : Math.max(num, max ?? 0)
 }
+
+async function getDD (callFrameId) {
+  const { result } = await session.post('Debugger.evaluateOnCallFrame', {
+    callFrameId,
+    expression,
+    returnByValue: true,
+    includeCommandLineAPI: true
+  })
+
+  if (result?.value?.trace_id === undefined) {
+    if (result?.subtype === 'error') {
+      log.error('[debugger:devtools_client] Error getting trace/span id:', result.description)
+    }
+    return
+  }
+
+  return result.value
+}

package/packages/dd-trace/src/debugger/devtools_client/remote_config.js

@@ -1,13 +1,10 @@
 'use strict'
 
 const { workerData: { rcPort } } = require('node:worker_threads')
-const { findScriptFromPartialPath, probes, breakpoints } = require('./state')
-const session = require('./session')
+const { addBreakpoint, removeBreakpoint } = require('./breakpoints')
 const { ackReceived, ackInstalled, ackError } = require('./status')
 const log = require('../../log')
 
-let sessionStarted = false
-
 // Example log line probe (simplified):
 // {
 //   id: '100c9a5c-45ad-49dc-818b-c570d31e11d1',
@@ -44,20 +41,13 @@ rcPort.on('message', async ({ action, conf: probe, ackId }) => {
     ackError(err, probe)
   }
 })
-rcPort.on('messageerror', (err) => log.error(err))
-
-async function start () {
-  sessionStarted = true
-  return session.post('Debugger.enable') // return instead of await to reduce number of promises created
-}
-
-async function stop () {
-  sessionStarted = false
-  return session.post('Debugger.disable') // return instead of await to reduce number of promises created
-}
+rcPort.on('messageerror', (err) => log.error('[debugger:devtools_client] received "messageerror" on RC port', err))
 
 async function processMsg (action, probe) {
-  log.debug(`Received request to ${action} ${probe.type} probe (id: ${probe.id}, version: ${probe.version})`)
+  log.debug(
+    '[debugger:devtools_client] Received request to %s %s probe (id: %s, version: %d)',
+    action, probe.type, probe.id, probe.version
+  )
 
   if (action !== 'unapply') ackReceived(probe)
 
@@ -66,7 +56,7 @@ async function processMsg (action, probe) {
   }
   if (!probe.where.sourceFile && !probe.where.lines) {
     throw new Error(
-      // eslint-disable-next-line max-len
+      // eslint-disable-next-line @stylistic/js/max-len
       `Unsupported probe insertion point! Only line-based probes are supported (id: ${probe.id}, version: ${probe.version})`
     )
   }
@@ -90,15 +80,17 @@ async function processMsg (action, probe) {
         break
       case 'apply':
         await addBreakpoint(probe)
+        ackInstalled(probe)
         break
       case 'modify':
         // TODO: Modify existing probe instead of removing it (DEBUG-2817)
         await removeBreakpoint(probe)
         await addBreakpoint(probe)
+        ackInstalled(probe) // TODO: Should we also send ackInstalled when modifying a probe?
         break
       default:
         throw new Error(
-          // eslint-disable-next-line max-len
+          // eslint-disable-next-line @stylistic/js/max-len
           `Cannot process probe ${probe.id} (version: ${probe.version}) - unknown remote configuration action: ${action}`
         )
     }
@@ -107,55 +99,6 @@ async function processMsg (action, probe) {
   }
 }
 
-async function addBreakpoint (probe) {
-  if (!sessionStarted) await start()
-
-  const file = probe.where.sourceFile
-  const line = Number(probe.where.lines[0]) // Tracer doesn't support multiple-line breakpoints
-
-  // Optimize for sending data to /debugger/v1/input endpoint
-  probe.location = { file, lines: [String(line)] }
-  delete probe.where
-
-  // TODO: Inbetween `await session.post('Debugger.enable')` and here, the scripts are parsed and cached.
-  // Maybe there's a race condition here or maybe we're guraenteed that `await session.post('Debugger.enable')` will
-  // not continue untill all scripts have been parsed?
-  const script = findScriptFromPartialPath(file)
-  if (!script) throw new Error(`No loaded script found for ${file} (probe: ${probe.id}, version: ${probe.version})`)
-  const [path, scriptId] = script
-
-  log.debug(`Adding breakpoint at ${path}:${line} (probe: ${probe.id}, version: ${probe.version})`)
-
-  const { breakpointId } = await session.post('Debugger.setBreakpoint', {
-    location: {
-      scriptId,
-      lineNumber: line - 1 // Beware! lineNumber is zero-indexed
-    }
-  })
-
-  probes.set(probe.id, breakpointId)
-  breakpoints.set(breakpointId, probe)
-
-  ackInstalled(probe)
-}
-
-async function removeBreakpoint ({ id }) {
-  if (!sessionStarted) {
-    // We should not get in this state, but abort if we do, so the code doesn't fail unexpected
-    throw Error(`Cannot remove probe ${id}: Debugger not started`)
-  }
-  if (!probes.has(id)) {
-    throw Error(`Unknown probe id: ${id}`)
-  }
-
-  const breakpointId = probes.get(id)
-  await session.post('Debugger.removeBreakpoint', { breakpointId })
-  probes.delete(id)
-  breakpoints.delete(breakpointId)
-
-  if (breakpoints.size === 0) await stop()
-}
-
 async function lock () {
   if (lock.p) await lock.p
   let resolve

package/packages/dd-trace/src/debugger/devtools_client/send.js

@@ -22,7 +22,7 @@ const ddtags = [
 
 const path = `/debugger/v1/input?${stringify({ ddtags })}`
 
-function send (message, logger, snapshot, cb) {
+function send (message, logger, dd, snapshot, cb) {
   const opts = {
     method: 'POST',
     url: config.url,
@@ -36,6 +36,7 @@ function send (message, logger, snapshot, cb) {
     service,
     message,
     logger,
+    dd,
     'debugger.snapshot': snapshot
   }
 

package/packages/dd-trace/src/debugger/devtools_client/state.js

@@ -57,6 +57,6 @@ module.exports = {
 session.on('Debugger.scriptParsed', ({ params }) => {
   scriptUrls.set(params.scriptId, params.url)
   if (params.url.startsWith('file:')) {
-    scriptIds.push([params.url, params.scriptId])
+    scriptIds.push([params.url, params.scriptId, params.sourceMapURL])
   }
 })