dd-trace 5.14.1 → 5.15.0

package/packages/dd-trace/src/appsec/remote_config/capabilities.js

@@ -15,5 +15,6 @@ module.exports = {
   APM_TRACING_LOGS_INJECTION: 1n << 13n,
   APM_TRACING_HTTP_HEADER_TAGS: 1n << 14n,
   APM_TRACING_CUSTOM_TAGS: 1n << 15n,
-  APM_TRACING_ENABLED: 1n << 19n
+  APM_TRACING_ENABLED: 1n << 19n,
+  APM_TRACING_SAMPLE_RULES: 1n << 29n
 }

package/packages/dd-trace/src/appsec/remote_config/index.js

@@ -15,6 +15,7 @@ function enable (config, appsec) {
   rc.updateCapabilities(RemoteConfigCapabilities.APM_TRACING_LOGS_INJECTION, true)
   rc.updateCapabilities(RemoteConfigCapabilities.APM_TRACING_SAMPLE_RATE, true)
   rc.updateCapabilities(RemoteConfigCapabilities.APM_TRACING_ENABLED, true)
+  rc.updateCapabilities(RemoteConfigCapabilities.APM_TRACING_SAMPLE_RULES, true)
 
   const activation = Activation.fromConfig(config)
 

package/packages/dd-trace/src/appsec/rule_manager.js

@@ -3,7 +3,6 @@
 const fs = require('fs')
 const waf = require('./waf')
 const { ACKNOWLEDGED, ERROR } = require('./remote_config/apply_states')
-const blocking = require('./blocking')
 
 let defaultRules
 
@@ -20,10 +19,6 @@ function loadRules (config) {
     : require('./recommended.json')
 
   waf.init(defaultRules, config)
-
-  if (defaultRules.actions) {
-    blocking.updateBlockingConfiguration(defaultRules.actions.find(action => action.id === 'block'))
-  }
 }
 
 function updateWafFromRC ({ toUnapply, toApply, toModify }) {
@@ -68,7 +63,7 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
         item.apply_state = ERROR
         item.apply_error = 'Multiple ruleset received in ASM_DD'
       } else {
-        if (file && file.rules && file.rules.length) {
+        if (file?.rules?.length) {
           const { version, metadata, rules, processors, scanners } = file
 
           newRuleset = { version, metadata, rules, processors, scanners }
@@ -78,30 +73,23 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
         batch.add(item)
       }
     } else if (product === 'ASM') {
-      let batchConfiguration = false
-      if (file && file.rules_override && file.rules_override.length) {
-        batchConfiguration = true
+      if (file?.rules_override?.length) {
         newRulesOverride.set(id, file.rules_override)
       }
 
-      if (file && file.exclusions && file.exclusions.length) {
-        batchConfiguration = true
+      if (file?.exclusions?.length) {
         newExclusions.set(id, file.exclusions)
       }
 
-      if (file && file.custom_rules && file.custom_rules.length) {
-        batchConfiguration = true
+      if (file?.custom_rules?.length) {
         newCustomRules.set(id, file.custom_rules)
       }
 
-      if (file && file.actions && file.actions.length) {
+      if (file?.actions?.length) {
         newActions.set(id, file.actions)
       }
 
-      // "actions" data is managed by tracer and not by waf
-      if (batchConfiguration) {
-        batch.add(item)
-      }
+      batch.add(item)
     }
   }
 
@@ -112,7 +100,9 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
     newRuleset ||
     newRulesOverride.modified ||
     newExclusions.modified ||
-    newCustomRules.modified) {
+    newCustomRules.modified ||
+    newActions.modified
+  ) {
     const payload = newRuleset || {}
 
     if (newRulesData.modified) {
@@ -127,6 +117,9 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
     if (newCustomRules.modified) {
       payload.custom_rules = concatArrays(newCustomRules)
     }
+    if (newActions.modified) {
+      payload.actions = concatArrays(newActions)
+    }
 
     try {
       waf.update(payload)
@@ -146,6 +139,9 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
       if (newCustomRules.modified) {
         appliedCustomRules = newCustomRules
       }
+      if (newActions.modified) {
+        appliedActions = newActions
+      }
     } catch (err) {
       newApplyState = ERROR
       newApplyError = err.toString()
@@ -156,11 +152,6 @@ function updateWafFromRC ({ toUnapply, toApply, toModify }) {
     config.apply_state = newApplyState
     if (newApplyError) config.apply_error = newApplyError
   }
-
-  if (newActions.modified) {
-    blocking.updateBlockingConfiguration(concatArrays(newActions).find(action => action.id === 'block'))
-    appliedActions = newActions
-  }
 }
 
 // A Map with a new prop `modified`, a bool that indicates if the Map was modified
@@ -242,7 +233,6 @@ function copyRulesData (rulesData) {
 
 function clearAllRules () {
   waf.destroy()
-  blocking.updateBlockingConfiguration(undefined)
 
   defaultRules = undefined
 

package/packages/dd-trace/src/appsec/sdk/user_blocking.js

@@ -3,17 +3,14 @@
 const { USER_ID } = require('../addresses')
 const waf = require('../waf')
 const { getRootSpan } = require('./utils')
-const { block } = require('../blocking')
+const { block, getBlockingAction } = require('../blocking')
 const { storage } = require('../../../../datadog-core')
 const { setUserTags } = require('./set_user')
 const log = require('../../log')
 
 function isUserBlocked (user) {
   const actions = waf.run({ persistent: { [USER_ID]: user.id } })
-
-  if (!actions) return false
-
-  return actions.includes('block')
+  return !!getBlockingAction(actions)
 }
 
 function checkUserAndSetUser (tracer, user) {

package/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js

@@ -3,6 +3,7 @@
 const log = require('../../log')
 const Reporter = require('../reporter')
 const addresses = require('../addresses')
+const { getBlockingAction } = require('../blocking')
 
 // TODO: remove once ephemeral addresses are implemented
 const preventDuplicateAddresses = new Set([
@@ -60,7 +61,8 @@ class WAFContextWrapper {
       this.addressesToSkip = newAddressesToSkip
 
       const ruleTriggered = !!result.events?.length
-      const blockTriggered = result.actions?.includes('block')
+
+      const blockTriggered = !!getBlockingAction(result.actions)
 
       Reporter.reportMetrics({
         duration: result.totalRuntime / 1e3,

package/packages/dd-trace/src/ci-visibility/exporters/test-worker/index.js

@@ -4,7 +4,8 @@ const Writer = require('./writer')
 const {
   JEST_WORKER_COVERAGE_PAYLOAD_CODE,
   JEST_WORKER_TRACE_PAYLOAD_CODE,
-  CUCUMBER_WORKER_TRACE_PAYLOAD_CODE
+  CUCUMBER_WORKER_TRACE_PAYLOAD_CODE,
+  MOCHA_WORKER_TRACE_PAYLOAD_CODE
 } = require('../../../plugins/util/test')
 
 function getInterprocessTraceCode () {
@@ -14,6 +15,9 @@ function getInterprocessTraceCode () {
   if (process.env.CUCUMBER_WORKER_ID) {
     return CUCUMBER_WORKER_TRACE_PAYLOAD_CODE
   }
+  if (process.env.MOCHA_WORKER_ID) {
+    return MOCHA_WORKER_TRACE_PAYLOAD_CODE
+  }
   return null
 }
 

package/packages/dd-trace/src/config.js

@@ -2,7 +2,7 @@
 
 const fs = require('fs')
 const os = require('os')
-const uuid = require('crypto-randomuuid')
+const uuid = require('crypto-randomuuid') // we need to keep the old uuid dep because of cypress
 const URL = require('url').URL
 const log = require('./log')
 const pkg = require('./pkg')
@@ -170,6 +170,7 @@ class Config {
     // Configure the logger first so it can be used to warn about other configs
     this.debug = isTrue(coalesce(
       process.env.DD_TRACE_DEBUG,
+      process.env.OTEL_LOG_LEVEL && process.env.OTEL_LOG_LEVEL === 'debug',
       false
     ))
     this.logger = options.logger
@@ -288,15 +289,6 @@ class Config {
     )
 
     const sampler = {
-      rules: coalesce(
-        options.samplingRules,
-        safeJsonParse(process.env.DD_TRACE_SAMPLING_RULES),
-        []
-      ).map(rule => {
-        return remapify(rule, {
-          sample_rate: 'sampleRate'
-        })
-      }),
       spanSamplingRules: coalesce(
         options.spanSamplingRules,
         safeJsonParse(maybeFile(process.env.DD_SPAN_SAMPLING_RULES_FILE)),
@@ -444,6 +436,7 @@ class Config {
     this._setValue(defaults, 'appsec.enabled', undefined)
     this._setValue(defaults, 'appsec.obfuscatorKeyRegex', defaultWafObfuscatorKeyRegex)
     this._setValue(defaults, 'appsec.obfuscatorValueRegex', defaultWafObfuscatorValueRegex)
+    this._setValue(defaults, 'appsec.rasp.enabled', false)
     this._setValue(defaults, 'appsec.rateLimit', 100)
     this._setValue(defaults, 'appsec.rules', undefined)
     this._setValue(defaults, 'appsec.sca.enabled', null)
@@ -485,9 +478,12 @@ class Config {
     this._setValue(defaults, 'peerServiceMapping', {})
     this._setValue(defaults, 'plugins', true)
     this._setValue(defaults, 'port', '8126')
-    this._setValue(defaults, 'profiling.enabled', false)
+    this._setValue(defaults, 'profiling.enabled', undefined)
     this._setValue(defaults, 'profiling.exporters', 'agent')
     this._setValue(defaults, 'profiling.sourceMap', true)
+    this._setValue(defaults, 'profiling.ssi', false)
+    this._setValue(defaults, 'profiling.heuristicsEnabled', false)
+    this._setValue(defaults, 'profiling.longLivedThreshold', undefined)
     this._setValue(defaults, 'protocolVersion', '0.4')
     this._setValue(defaults, 'queryStringObfuscation', qsRegex)
     this._setValue(defaults, 'remoteConfig.enabled', true)
@@ -496,6 +492,7 @@ class Config {
     this._setValue(defaults, 'runtimeMetrics', false)
     this._setValue(defaults, 'sampleRate', undefined)
     this._setValue(defaults, 'sampler.rateLimit', undefined)
+    this._setValue(defaults, 'sampler.rules', [])
     this._setValue(defaults, 'scope', undefined)
     this._setValue(defaults, 'service', service)
     this._setValue(defaults, 'site', 'datadoghq.com')
@@ -531,6 +528,7 @@ class Config {
       DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP,
       DD_APPSEC_RULES,
       DD_APPSEC_SCA_ENABLED,
+      DD_APPSEC_RASP_ENABLED,
       DD_APPSEC_TRACE_RATE_LIMIT,
       DD_APPSEC_WAF_TIMEOUT,
       DD_DATA_STREAMS_ENABLED,
@@ -558,6 +556,7 @@ class Config {
       DD_PROFILING_ENABLED,
       DD_PROFILING_EXPORTERS,
       DD_PROFILING_SOURCE_MAP,
+      DD_INTERNAL_PROFILING_LONG_LIVED_THRESHOLD,
       DD_REMOTE_CONFIGURATION_ENABLED,
       DD_REMOTE_CONFIG_POLL_INTERVAL_SECONDS,
       DD_RUNTIME_METRICS_ENABLED,
@@ -590,6 +589,7 @@ class Config {
       DD_TRACE_REMOVE_INTEGRATION_SERVICE_NAMES_ENABLED,
       DD_TRACE_REPORT_HOSTNAME,
       DD_TRACE_SAMPLE_RATE,
+      DD_TRACE_SAMPLING_RULES,
       DD_TRACE_SCOPE,
       DD_TRACE_SPAN_ATTRIBUTE_SCHEMA,
       DD_TRACE_STARTUP_LOGS,
@@ -618,6 +618,7 @@ class Config {
     this._setBoolean(env, 'appsec.enabled', DD_APPSEC_ENABLED)
     this._setString(env, 'appsec.obfuscatorKeyRegex', DD_APPSEC_OBFUSCATION_PARAMETER_KEY_REGEXP)
     this._setString(env, 'appsec.obfuscatorValueRegex', DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP)
+    this._setBoolean(env, 'appsec.rasp.enabled', DD_APPSEC_RASP_ENABLED)
     this._setValue(env, 'appsec.rateLimit', maybeInt(DD_APPSEC_TRACE_RATE_LIMIT))
     this._setString(env, 'appsec.rules', DD_APPSEC_RULES)
     // DD_APPSEC_SCA_ENABLED is never used locally, but only sent to the backend
@@ -663,6 +664,17 @@ class Config {
     this._setBoolean(env, 'profiling.enabled', coalesce(DD_EXPERIMENTAL_PROFILING_ENABLED, DD_PROFILING_ENABLED))
     this._setString(env, 'profiling.exporters', DD_PROFILING_EXPORTERS)
     this._setBoolean(env, 'profiling.sourceMap', DD_PROFILING_SOURCE_MAP && !isFalse(DD_PROFILING_SOURCE_MAP))
+    if (DD_PROFILING_ENABLED === 'auto' || DD_INJECTION_ENABLED) {
+      this._setBoolean(env, 'profiling.ssi', true)
+      if (DD_PROFILING_ENABLED === 'auto' || DD_INJECTION_ENABLED.split(',').includes('profiler')) {
+        this._setBoolean(env, 'profiling.heuristicsEnabled', true)
+      }
+      if (DD_INTERNAL_PROFILING_LONG_LIVED_THRESHOLD) {
+        // This is only used in testing to not have to wait 30s
+        this._setValue(env, 'profiling.longLivedThreshold', Number(DD_INTERNAL_PROFILING_LONG_LIVED_THRESHOLD))
+      }
+    }
+
     this._setString(env, 'protocolVersion', DD_TRACE_AGENT_PROTOCOL_VERSION)
     this._setString(env, 'queryStringObfuscation', DD_TRACE_OBFUSCATION_QUERY_STRING_REGEXP)
     this._setBoolean(env, 'remoteConfig.enabled', coalesce(
@@ -687,6 +699,7 @@ class Config {
     }
     this._setUnit(env, 'sampleRate', DD_TRACE_SAMPLE_RATE || OTEL_TRACES_SAMPLER_MAPPING[OTEL_TRACES_SAMPLER])
     this._setValue(env, 'sampler.rateLimit', DD_TRACE_RATE_LIMIT)
+    this._setSamplingRule(env, 'sampler.rules', safeJsonParse(DD_TRACE_SAMPLING_RULES)) // example
     this._setString(env, 'scope', DD_TRACE_SCOPE)
     this._setString(env, 'service', DD_SERVICE || DD_SERVICE_NAME || tags.service || OTEL_SERVICE_NAME)
     this._setString(env, 'site', DD_SITE)
@@ -707,9 +720,7 @@ class Config {
     this._setBoolean(env, 'telemetry.dependencyCollection', DD_TELEMETRY_DEPENDENCY_COLLECTION_ENABLED)
     this._setValue(env, 'telemetry.heartbeatInterval', maybeInt(Math.floor(DD_TELEMETRY_HEARTBEAT_INTERVAL * 1000)))
     const hasTelemetryLogsUsingFeatures =
-      isTrue(DD_IAST_ENABLED) ||
-      isTrue(DD_PROFILING_ENABLED) ||
-      (typeof DD_INJECTION_ENABLED === 'string' && DD_INJECTION_ENABLED.split(',').includes('profiling'))
+      env['iast.enabled'] || env['profiling.enabled'] || env['profiling.heuristicsEnabled']
         ? true
         : undefined
     this._setBoolean(env, 'telemetry.logCollection', coalesce(DD_TELEMETRY_LOG_COLLECTION_ENABLED,
@@ -734,6 +745,7 @@ class Config {
     this._setBoolean(opts, 'appsec.enabled', options.appsec.enabled)
     this._setString(opts, 'appsec.obfuscatorKeyRegex', options.appsec.obfuscatorKeyRegex)
     this._setString(opts, 'appsec.obfuscatorValueRegex', options.appsec.obfuscatorValueRegex)
+    this._setBoolean(opts, 'appsec.rasp.enabled', options.appsec.rasp?.enabled)
     this._setValue(opts, 'appsec.rateLimit', maybeInt(options.appsec.rateLimit))
     this._setString(opts, 'appsec.rules', options.appsec.rules)
     this._setValue(opts, 'appsec.wafTimeout', maybeInt(options.appsec.wafTimeout))
@@ -786,6 +798,7 @@ class Config {
     this._setUnit(opts, 'sampleRate', coalesce(options.sampleRate, options.ingestion.sampleRate))
     const ingestion = options.ingestion || {}
     this._setValue(opts, 'sampler.rateLimit', coalesce(options.rateLimit, ingestion.rateLimit))
+    this._setSamplingRule(opts, 'sampler.rules', options.samplingRules)
     this._setString(opts, 'service', options.service || tags.service)
     this._setString(opts, 'site', options.site)
     if (options.spanAttributeSchema) {
@@ -933,6 +946,17 @@ class Config {
     this._setArray(opts, 'headerTags', headerTags)
     this._setTags(opts, 'tags', tags)
     this._setBoolean(opts, 'tracing', options.tracing_enabled)
+    // ignore tags for now since rc sampling rule tags format is not supported
+    this._setSamplingRule(opts, 'sampler.rules', this._ignoreTags(options.trace_sample_rules))
+  }
+
+  _ignoreTags (samplingRules) {
+    if (samplingRules) {
+      for (const rule of samplingRules) {
+        delete rule.tags
+      }
+    }
+    return samplingRules
   }
 
   _setBoolean (obj, name, value) {
@@ -959,12 +983,12 @@ class Config {
   }
 
   _setArray (obj, name, value) {
-    if (value === null || value === undefined) {
+    if (value == null) {
       return this._setValue(obj, name, null)
     }
 
     if (typeof value === 'string') {
-      value = value && value.split(',')
+      value = value.split(',')
     }
 
     if (Array.isArray(value)) {
@@ -972,6 +996,25 @@ class Config {
     }
   }
 
+  _setSamplingRule (obj, name, value) {
+    if (value == null) {
+      return this._setValue(obj, name, null)
+    }
+
+    if (typeof value === 'string') {
+      value = value.split(',')
+    }
+
+    if (Array.isArray(value)) {
+      value = value.map(rule => {
+        return remapify(rule, {
+          sample_rate: 'sampleRate'
+        })
+      })
+      this._setValue(obj, name, value)
+    }
+  }
+
   _setString (obj, name, value) {
     obj[name] = value ? String(value) : undefined // unset for empty strings
   }

package/packages/dd-trace/src/encode/0.4.js

@@ -120,7 +120,7 @@ class AgentEncoder {
       this._encodeMap(bytes, span.metrics)
       if (span.meta_struct) {
         this._encodeString(bytes, 'meta_struct')
-        this._encodeObject(bytes, span.meta_struct)
+        this._encodeMetaStruct(bytes, span.meta_struct)
       }
     }
   }
@@ -271,12 +271,48 @@ class AgentEncoder {
     }
   }
 
+  _encodeMetaStruct (bytes, value) {
+    const keys = Array.isArray(value) ? [] : Object.keys(value)
+    const validKeys = keys.filter(key => {
+      const v = value[key]
+      return typeof v === 'string' ||
+        typeof v === 'number' ||
+        (v !== null && typeof v === 'object')
+    })
+
+    this._encodeMapPrefix(bytes, validKeys.length)
+
+    for (const key of validKeys) {
+      const v = value[key]
+      this._encodeString(bytes, key)
+      this._encodeObjectAsByteArray(bytes, v)
+    }
+  }
+
+  _encodeObjectAsByteArray (bytes, value) {
+    const prefixLength = 5
+    const offset = bytes.length
+
+    bytes.reserve(prefixLength)
+    bytes.length += prefixLength
+
+    this._encodeObject(bytes, value)
+
+    // we should do it after encoding the object to know the real length
+    const length = bytes.length - offset - prefixLength
+    bytes.buffer[offset] = 0xc6
+    bytes.buffer[offset + 1] = length >> 24
+    bytes.buffer[offset + 2] = length >> 16
+    bytes.buffer[offset + 3] = length >> 8
+    bytes.buffer[offset + 4] = length
+  }
+
   _encodeObject (bytes, value, circularReferencesDetector = new Set()) {
     circularReferencesDetector.add(value)
     if (Array.isArray(value)) {
-      return this._encodeObjectAsArray(bytes, value, circularReferencesDetector)
+      this._encodeObjectAsArray(bytes, value, circularReferencesDetector)
     } else if (value !== null && typeof value === 'object') {
-      return this._encodeObjectAsMap(bytes, value, circularReferencesDetector)
+      this._encodeObjectAsMap(bytes, value, circularReferencesDetector)
     } else if (typeof value === 'string' || typeof value === 'number') {
       this._encodeValue(bytes, value)
     }
@@ -284,16 +320,19 @@ class AgentEncoder {
 
   _encodeObjectAsMap (bytes, value, circularReferencesDetector) {
     const keys = Object.keys(value)
-    const validKeys = keys.filter(key =>
-      typeof value[key] === 'string' ||
-      typeof value[key] === 'number' ||
-      (value[key] !== null && typeof value[key] === 'object' && !circularReferencesDetector.has(value[key])))
+    const validKeys = keys.filter(key => {
+      const v = value[key]
+      return typeof v === 'string' ||
+        typeof v === 'number' ||
+        (v !== null && typeof v === 'object' && !circularReferencesDetector.has(v))
+    })
 
     this._encodeMapPrefix(bytes, validKeys.length)
 
     for (const key of validKeys) {
+      const v = value[key]
       this._encodeString(bytes, key)
-      this._encodeObject(bytes, value[key], circularReferencesDetector)
+      this._encodeObject(bytes, v, circularReferencesDetector)
     }
   }
 

package/packages/dd-trace/src/exporter.js

@@ -19,6 +19,7 @@ module.exports = name => {
       return require('./ci-visibility/exporters/agent-proxy')
     case exporters.JEST_WORKER:
     case exporters.CUCUMBER_WORKER:
+    case exporters.MOCHA_WORKER:
       return require('./ci-visibility/exporters/test-worker')
     default:
       return inAWSLambda && !usingLambdaExtension ? require('./exporters/log') : require('./exporters/agent')

package/packages/dd-trace/src/flare/file.js

@@ -0,0 +1,44 @@
+'use strict'
+
+const { Writable } = require('stream')
+
+const INITIAL_SIZE = 64 * 1024
+
+class FlareFile extends Writable {
+  constructor () {
+    super()
+
+    this.length = 0
+
+    this._buffer = Buffer.alloc(INITIAL_SIZE)
+  }
+
+  get data () {
+    return this._buffer.subarray(0, this.length)
+  }
+
+  _write (chunk, encoding, callback) {
+    const length = Buffer.byteLength(chunk)
+
+    this._reserve(length)
+
+    if (Buffer.isBuffer(chunk)) {
+      this.length += chunk.copy(this._buffer, this.length)
+    } else {
+      this.length += this._buffer.write(chunk, encoding)
+    }
+
+    callback()
+  }
+
+  _reserve (length) {
+    while (this.length + length > this._buffer.length) {
+      const buffer = Buffer.alloc(this.length * 2)
+
+      this._buffer.copy(buffer)
+      this._buffer = buffer
+    }
+  }
+}
+
+module.exports = FlareFile

package/packages/dd-trace/src/flare/index.js

@@ -0,0 +1,98 @@
+'use strict'
+
+const log = require('../log')
+const startupLog = require('../startup-log')
+const FlareFile = require('./file')
+const { LogChannel } = require('../log/channels')
+const request = require('../exporters/common/request')
+const FormData = require('../exporters/common/form-data')
+
+const MAX_LOG_SIZE = 12 * 1024 * 1024 // 12MB soft limit
+const TIMEOUT = 20 * 1000 * 60
+
+let logChannel = null
+let tracerLogs = null
+let timer
+let tracerConfig = null
+
+const logger = {
+  debug: (msg) => recordLog(msg),
+  info: (msg) => recordLog(msg),
+  warn: (msg) => recordLog(msg),
+  error: (err) => recordLog(err.stack)
+}
+
+const flare = {
+  enable (tracerConfig_) {
+    tracerConfig = tracerConfig_
+  },
+
+  disable () {
+    tracerConfig = null
+
+    flare.cleanup()
+  },
+
+  prepare (logLevel) {
+    if (!tracerConfig) return
+
+    logChannel?.unsubscribe(logger)
+    logChannel = new LogChannel(logLevel)
+    logChannel.subscribe(logger)
+    tracerLogs = tracerLogs || new FlareFile()
+    timer = timer || setTimeout(flare.cleanup, TIMEOUT)
+  },
+
+  send (task) {
+    if (!tracerConfig) return
+
+    const tracerInfo = new FlareFile()
+
+    tracerInfo.write(JSON.stringify(startupLog.tracerInfo(), null, 2))
+
+    flare._sendFile(task, tracerInfo, 'tracer_info.txt')
+    flare._sendFile(task, tracerLogs, 'tracer_logs.txt')
+
+    flare.cleanup()
+  },
+
+  cleanup () {
+    logChannel?.unsubscribe(logger)
+    timer = clearTimeout(timer)
+    logChannel = null
+    tracerLogs = null
+  },
+
+  _sendFile (task, file, filename) {
+    if (!file) return
+
+    const form = new FormData()
+
+    form.append('case_id', task.case_id)
+    form.append('hostname', task.hostname)
+    form.append('email', task.user_handle)
+    form.append('source', 'tracer_nodejs')
+    form.append('flare_file', file.data, { filename })
+
+    request(form, {
+      url: tracerConfig.url,
+      hostname: tracerConfig.hostname,
+      port: tracerConfig.port,
+      method: 'POST',
+      path: '/tracer_flare/v1',
+      headers: form.getHeaders()
+    }, (err) => {
+      if (err) {
+        log.error(err)
+      }
+    })
+  }
+}
+
+function recordLog (msg) {
+  if (tracerLogs.length > MAX_LOG_SIZE) return
+
+  tracerLogs.write(`${msg}\n`) // TODO: gzip
+}
+
+module.exports = flare