dd-trace 5.35.0 → 5.37.0

package/LICENSE-3rdparty.csv

@@ -27,7 +27,7 @@ require,protobufjs,BSD-3-Clause,Copyright 2016 Daniel Wirtz
 require,tlhunter-sorted-set,MIT,Copyright (c) 2023 Datadog Inc.
 require,retry,MIT,Copyright 2011 Tim Koschützki Felix Geisendörfer
 require,rfdc,MIT,Copyright 2019 David Mark Clements
-require,semver,ISC,Copyright Isaac Z. Schlueter and Contributors
+require,semifies,Apache license 2.0,Copyright Authors
 require,shell-quote,mit,Copyright (c) 2013 James Halliday
 require,source-map,BSD-3-Clause,Copyright (c) 2009-2011, Mozilla Foundation and contributors
 require,ttl-set,MIT,Copyright (c) 2024 Thomas Watson
@@ -68,6 +68,7 @@ dev,nock,MIT,Copyright 2017 Pedro Teixeira and other contributors
 dev,nyc,ISC,Copyright 2015 Contributors
 dev,proxyquire,MIT,Copyright 2013 Thorsten Lorenz
 dev,rimraf,ISC,Copyright Isaac Z. Schlueter and Contributors
+dev,semver,ISC,Copyright Isaac Z. Schlueter and Contributors
 dev,sinon,BSD-3-Clause,Copyright 2010-2017 Christian Johansen
 dev,sinon-chai,WTFPL and BSD-2-Clause,Copyright 2004 Sam Hocevar 2012–2017 Domenic Denicola
 dev,tap,ISC,Copyright 2011-2022 Isaac Z. Schlueter and Contributors

package/index.d.ts

@@ -85,10 +85,6 @@ interface Tracer extends opentracing.Tracer {
    * span will finish when that callback is called.
    * * The function doesn't accept a callback and doesn't return a promise, in
    * which case the span will finish at the end of the function execution.
-   *
-   * If the `orphanable` option is set to false, the function will not be traced
-   * unless there is already an active span or `childOf` option. Note that this
-   * option is deprecated and has been removed in version 4.0.
    */
   trace<T> (name: string, fn: (span: tracer.Span) => T): T;
   trace<T> (name: string, fn: (span: tracer.Span, done: (error?: Error) => void) => T): T;
@@ -659,13 +655,13 @@ declare namespace tracer {
          * *  'anonymous': will hash user IDs and user logins before collecting them
          * *  'anon': alias for 'anonymous'
          * *  'safe': deprecated alias for 'anonymous'
-         * 
+         *
          * *  'identification': will collect user IDs and logins without redaction
          * *  'ident': alias for 'identification'
          * *  'extended': deprecated alias for 'identification'
-         * 
+         *
          * *  'disabled': will not collect user IDs and logins
-         * 
+         *
          * Unknown values will be considered as 'disabled'
          * @default 'identification'
          */
@@ -2230,6 +2226,11 @@ declare namespace tracer {
      */
     redactionValuePattern?: string,
 
+    /**
+     * Allows to enable security controls.
+     */
+    securityControlsConfiguration?: string,
+
     /**
      * Specifies the verbosity of the sent telemetry. Default 'INFORMATION'
      */

package/loader-hook.mjs

@@ -1,5 +1 @@
-// TODO(bengl): Not sure why `import/export` fails on this line, but it's just
-// a passthrough to another module so it should be fine. Disabling for now.
-
-// eslint-disable-next-line import/export
 export * from 'import-in-the-middle/hook.mjs'

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "5.35.0",
+  "version": "5.37.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -12,8 +12,8 @@
     "bench:e2e:ci-visibility": "node benchmark/e2e-ci/benchmark-run.js",
     "type:doc": "cd docs && yarn && yarn build",
     "type:test": "cd docs && yarn && yarn test",
-    "lint": "node scripts/check_licenses.js && eslint . && yarn audit",
-    "lint-fix": "node scripts/check_licenses.js && eslint . --fix && yarn audit",
+    "lint": "node scripts/check_licenses.js && eslint . --max-warnings 0 && yarn audit",
+    "lint:fix": "node scripts/check_licenses.js && eslint . --max-warnings 0 --fix && yarn audit",
     "release:proposal": "node scripts/release/proposal",
     "services": "node ./scripts/install_plugin_modules && node packages/dd-trace/test/setup/services",
     "test": "SERVICES=* yarn services && mocha --expose-gc 'packages/dd-trace/test/setup/node.js' 'packages/*/test/**/*.spec.js'",
@@ -83,8 +83,8 @@
   "dependencies": {
     "@datadog/libdatadog": "^0.4.0",
     "@datadog/native-appsec": "8.4.0",
-    "@datadog/native-iast-rewriter": "2.6.1",
-    "@datadog/native-iast-taint-tracking": "3.2.0",
+    "@datadog/native-iast-rewriter": "2.8.0",
+    "@datadog/native-iast-taint-tracking": "3.3.0",
     "@datadog/native-metrics": "^3.1.0",
     "@datadog/pprof": "5.5.1",
     "@datadog/sketches-js": "^2.1.0",
@@ -108,7 +108,7 @@
     "protobufjs": "^7.2.5",
     "retry": "^0.13.1",
     "rfdc": "^1.3.1",
-    "semver": "^7.5.4",
+    "semifies": "^1.0.0",
     "shell-quote": "^1.8.1",
     "source-map": "^0.7.4",
     "tlhunter-sorted-set": "^0.1.0",
@@ -116,10 +116,10 @@
   },
   "devDependencies": {
     "@apollo/server": "^4.11.0",
-    "@eslint/eslintrc": "^3.1.0",
-    "@eslint/js": "^9.11.1",
+    "@eslint/eslintrc": "^3.2.0",
+    "@eslint/js": "^9.19.0",
     "@msgpack/msgpack": "^3.0.0-beta3",
-    "@stylistic/eslint-plugin-js": "^2.8.0",
+    "@stylistic/eslint-plugin-js": "^3.0.1",
     "@types/node": "^16.0.0",
     "autocannon": "^4.5.2",
     "aws-sdk": "^2.1446.0",
@@ -132,12 +132,12 @@
     "cli-table3": "^0.6.3",
     "dotenv": "16.3.1",
     "esbuild": "0.16.12",
-    "eslint": "^8.57.0",
+    "eslint": "^9.19.0",
     "eslint-config-standard": "^17.1.0",
-    "eslint-plugin-import": "^2.29.1",
-    "eslint-plugin-mocha": "^10.4.3",
-    "eslint-plugin-n": "^16.6.2",
-    "eslint-plugin-promise": "^6.4.0",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-mocha": "^10.5.0",
+    "eslint-plugin-n": "^17.15.1",
+    "eslint-plugin-promise": "^7.2.1",
     "express": "^4.21.2",
     "get-port": "^3.2.0",
     "glob": "^7.1.6",
@@ -152,6 +152,7 @@
     "nyc": "^15.1.0",
     "proxyquire": "^1.8.0",
     "rimraf": "^3.0.0",
+    "semver": "^7.5.4",
     "sinon": "^16.1.3",
     "sinon-chai": "^3.7.0",
     "tap": "^16.3.7",

package/packages/datadog-core/index.js

@@ -1,5 +1,5 @@
 'use strict'
 
-const storage = require('./src/storage')
+const { storage } = require('./src/storage')
 
 module.exports = { storage }

package/packages/datadog-core/src/storage.js

@@ -2,66 +2,111 @@
 
 const { AsyncLocalStorage } = require('async_hooks')
 
-class DatadogStorage {
-  constructor () {
-    this._storage = new AsyncLocalStorage()
-  }
-
-  disable () {
-    this._storage.disable()
-  }
-
+/**
+ * This is exactly the same as AsyncLocalStorage, with the exception that it
+ * uses a WeakMap to store the store object. This is because ALS stores the
+ * store object as a property of the resource object, which causes all sorts
+ * of problems with logging and memory. We substitute the `store` object with
+ * a "handle" object, which is used as a key in a WeakMap, where the values
+ * are the real store objects.
+ *
+ * @template T
+ */
+class DatadogStorage extends AsyncLocalStorage {
+  /**
+   *
+   * @param store {DatadogStorage}
+   */
   enterWith (store) {
     const handle = {}
     stores.set(handle, store)
-    this._storage.enterWith(handle)
-  }
-
-  exit (callback, ...args) {
-    this._storage.exit(callback, ...args)
+    super.enterWith(handle)
   }
 
-  // TODO: Refactor the Scope class to use a span-only store and remove this.
+  /**
+   * This is method is a passthrough to the real `getStore()`, so that, when we
+   * need it, we can use the handle rather than our mapped store.
+   *
+   * It's only here because stores are currently used for a bunch of things,
+   * and we don't want to hold on to all of them in spans
+   * (see opentracing/span.js). Using a namespaced storage for spans would
+   * solve this.
+   *
+   * TODO: Refactor the Scope class to use a span-only store and remove this.
+   *
+   * @returns {{}}
+   */
   getHandle () {
-    return this._storage.getStore()
+    return super.getStore()
   }
 
+  /**
+   * Here, we replicate the behavior of the original `getStore()` method by
+   * passing in the handle, which we retrieve by calling it on super. Handles
+   * retrieved through `getHandle()` can also be passed in to be used as the
+   * key. This is useful if you've stashed a handle somewhere and want to
+   * retrieve the store with it.
+   *
+   * @param handle {{}}
+   * @returns {T | undefined}
+   */
   getStore (handle) {
     if (!handle) {
-      handle = this._storage.getStore()
+      handle = super.getStore()
     }
 
     return stores.get(handle)
   }
 
+  /**
+   * Here, we replicate the behavior of the original `run()` method. We ensure
+   * that our `enterWith()` is called internally, so that the handle to the
+   * store is set. As an optimization, we use super for getStore and enterWith
+   * when dealing with the parent store, so that we don't have to access the
+   * WeakMap.
+   * @template R
+   * @template TArgs extends any[]
+   * @param store {DatadogStorage}
+   * @param fn {() => R}
+   * @param args {TArgs}
+   * @returns {void}
+   */
   run (store, fn, ...args) {
-    const prior = this._storage.getStore()
+    const prior = super.getStore()
     this.enterWith(store)
     try {
       return Reflect.apply(fn, null, args)
     } finally {
-      this._storage.enterWith(prior)
+      super.enterWith(prior)
     }
   }
 }
 
+/**
+ * This is the map from handles to real stores, used in the class above.
+ * @template T
+ * @type {WeakMap<WeakKey, T>}
+ */
+const stores = new WeakMap()
+
+/**
+ * For convenience, we use the `storage` function as a registry of namespaces
+ * corresponding to DatadogStorage instances. This lets us have separate
+ * storages for separate purposes.
+ * @type {Map<string, DatadogStorage>}
+ */
 const storages = Object.create(null)
-const legacyStorage = new DatadogStorage()
 
-const storage = function (namespace) {
+/**
+ *
+ * @param namespace {string} the namespace to use
+ * @returns {DatadogStorage}
+ */
+function storage (namespace) {
   if (!storages[namespace]) {
     storages[namespace] = new DatadogStorage()
   }
   return storages[namespace]
 }
 
-storage.disable = legacyStorage.disable.bind(legacyStorage)
-storage.enterWith = legacyStorage.enterWith.bind(legacyStorage)
-storage.exit = legacyStorage.exit.bind(legacyStorage)
-storage.getHandle = legacyStorage.getHandle.bind(legacyStorage)
-storage.getStore = legacyStorage.getStore.bind(legacyStorage)
-storage.run = legacyStorage.run.bind(legacyStorage)
-
-const stores = new WeakMap()
-
-module.exports = storage
+module.exports = { storage }

package/packages/datadog-instrumentations/src/cucumber.js

@@ -22,6 +22,7 @@ const knownTestsCh = channel('ci:cucumber:known-tests')
 const skippableSuitesCh = channel('ci:cucumber:test-suite:skippable')
 const sessionStartCh = channel('ci:cucumber:session:start')
 const sessionFinishCh = channel('ci:cucumber:session:finish')
+const quarantinedTestsCh = channel('ci:cucumber:quarantined-tests')
 
 const workerReportTraceCh = channel('ci:cucumber:worker-report:trace')
 
@@ -71,6 +72,8 @@ let earlyFlakeDetectionFaultyThreshold = 0
 let isEarlyFlakeDetectionFaulty = false
 let isFlakyTestRetriesEnabled = false
 let isKnownTestsEnabled = false
+let isQuarantinedTestsEnabled = false
+let quarantinedTests = {}
 let numTestRetries = 0
 let knownTests = []
 let skippedSuites = []
@@ -117,6 +120,17 @@ function isNewTest (testSuite, testName) {
   return !testsForSuite.includes(testName)
 }
 
+function isQuarantinedTest (testSuite, testName) {
+  return quarantinedTests
+    ?.cucumber
+    ?.suites
+    ?.[testSuite]
+    ?.tests
+    ?.[testName]
+    ?.properties
+    ?.quarantined
+}
+
 function getTestStatusFromRetries (testStatuses) {
   if (testStatuses.every(status => status === 'fail')) {
     return 'fail'
@@ -293,12 +307,17 @@ function wrapRun (pl, isLatestVersion) {
         }
         let isNew = false
         let isEfdRetry = false
+        let isQuarantined = false
         if (isKnownTestsEnabled && status !== 'skip') {
           const numRetries = numRetriesByPickleId.get(this.pickle.id)
 
           isNew = numRetries !== undefined
           isEfdRetry = numRetries > 0
         }
+        if (isQuarantinedTestsEnabled) {
+          const testSuitePath = getTestSuitePath(testFileAbsolutePath, process.cwd())
+          isQuarantined = isQuarantinedTest(testSuitePath, this.pickle.name)
+        }
         const attemptAsyncResource = numAttemptToAsyncResource.get(numAttempt)
 
         const error = getErrorFromCucumberResult(result)
@@ -307,7 +326,15 @@ function wrapRun (pl, isLatestVersion) {
           await promises.hitBreakpointPromise
         }
         attemptAsyncResource.runInAsyncScope(() => {
-          testFinishCh.publish({ status, skipReason, error, isNew, isEfdRetry, isFlakyRetry: numAttempt > 0 })
+          testFinishCh.publish({
+            status,
+            skipReason,
+            error,
+            isNew,
+            isEfdRetry,
+            isFlakyRetry: numAttempt > 0,
+            isQuarantined
+          })
         })
       })
       return promise
@@ -396,6 +423,7 @@ function getWrappedStart (start, frameworkVersion, isParallel = false, isCoordin
     isFlakyTestRetriesEnabled = configurationResponse.libraryConfig?.isFlakyTestRetriesEnabled
     numTestRetries = configurationResponse.libraryConfig?.flakyTestRetriesCount
     isKnownTestsEnabled = configurationResponse.libraryConfig?.isKnownTestsEnabled
+    isQuarantinedTestsEnabled = configurationResponse.libraryConfig?.isQuarantinedTestsEnabled
 
     if (isKnownTestsEnabled) {
       const knownTestsResponse = await getChannelPromise(knownTestsCh)
@@ -453,6 +481,15 @@ function getWrappedStart (start, frameworkVersion, isParallel = false, isCoordin
       }
     }
 
+    if (isQuarantinedTestsEnabled) {
+      const quarantinedTestsResponse = await getChannelPromise(quarantinedTestsCh)
+      if (!quarantinedTestsResponse.err) {
+        quarantinedTests = quarantinedTestsResponse.quarantinedTests
+      } else {
+        isQuarantinedTestsEnabled = false
+      }
+    }
+
     const processArgv = process.argv.slice(2).join(' ')
     const command = process.env.npm_lifecycle_script || `cucumber-js ${processArgv}`
 
@@ -500,6 +537,7 @@ function getWrappedStart (start, frameworkVersion, isParallel = false, isCoordin
         hasForcedToRunSuites: isForcedToRun,
         isEarlyFlakeDetectionEnabled,
         isEarlyFlakeDetectionFaulty,
+        isQuarantinedTestsEnabled,
         isParallel
       })
     })
@@ -536,6 +574,7 @@ function getWrappedRunTestCase (runTestCaseFunction, isNewerCucumberVersion = fa
     }
 
     let isNew = false
+    let isQuarantined = false
 
     if (isKnownTestsEnabled) {
       isNew = isNewTest(testSuitePath, pickle.name)
@@ -543,6 +582,10 @@ function getWrappedRunTestCase (runTestCaseFunction, isNewerCucumberVersion = fa
         numRetriesByPickleId.set(pickle.id, 0)
       }
     }
+    if (isQuarantinedTestsEnabled) {
+      isQuarantined = isQuarantinedTest(testSuitePath, pickle.name)
+    }
+
     // TODO: for >=11 we could use `runTestCaseResult` instead of accumulating results in `lastStatusByPickleId`
     let runTestCaseResult = await runTestCaseFunction.apply(this, arguments)
 
@@ -557,6 +600,7 @@ function getWrappedRunTestCase (runTestCaseFunction, isNewerCucumberVersion = fa
     }
     let testStatus = lastTestStatus
     let shouldBePassedByEFD = false
+    let shouldBePassedByQuarantine = false
     if (isNew && isEarlyFlakeDetectionEnabled) {
       /**
        * If Early Flake Detection (EFD) is enabled the logic is as follows:
@@ -573,6 +617,11 @@ function getWrappedRunTestCase (runTestCaseFunction, isNewerCucumberVersion = fa
       }
     }
 
+    if (isQuarantinedTestsEnabled && isQuarantined) {
+      this.success = true
+      shouldBePassedByQuarantine = true
+    }
+
     if (!pickleResultByFile[testFileAbsolutePath]) {
       pickleResultByFile[testFileAbsolutePath] = [testStatus]
     } else {
@@ -604,6 +653,10 @@ function getWrappedRunTestCase (runTestCaseFunction, isNewerCucumberVersion = fa
       return shouldBePassedByEFD
     }
 
+    if (isNewerCucumberVersion && isQuarantinedTestsEnabled && isQuarantined) {
+      return shouldBePassedByQuarantine
+    }
+
     return runTestCaseResult
   }
 }

package/packages/datadog-instrumentations/src/helpers/instrument.js

@@ -1,7 +1,7 @@
 'use strict'
 
 const dc = require('dc-polyfill')
-const semver = require('semver')
+const satisfies = require('semifies')
 const instrumentations = require('./instrumentations')
 const { AsyncResource } = require('async_hooks')
 
@@ -36,7 +36,7 @@ exports.addHook = function addHook ({ name, versions, file, filePattern }, hook)
 
 // AsyncResource.bind exists and binds `this` properly only from 17.8.0 and up.
 // https://nodejs.org/api/async_context.html#asyncresourcebindfn-thisarg
-if (semver.satisfies(process.versions.node, '>=17.8.0')) {
+if (satisfies(process.versions.node, '>=17.8.0')) {
   exports.AsyncResource = AsyncResource
 } else {
   exports.AsyncResource = class extends AsyncResource {

package/packages/datadog-instrumentations/src/helpers/register.js

@@ -2,7 +2,7 @@
 
 const { channel } = require('dc-polyfill')
 const path = require('path')
-const semver = require('semver')
+const satisfies = require('semifies')
 const Hook = require('./hook')
 const requirePackageJson = require('../../../dd-trace/src/require-package-json')
 const log = require('../../../dd-trace/src/log')
@@ -155,7 +155,7 @@ for (const packageName of names) {
 }
 
 function matchVersion (version, ranges) {
-  return !version || (ranges && ranges.some(range => semver.satisfies(semver.coerce(version), range)))
+  return !version || (ranges && ranges.some(range => satisfies(version, range)))
 }
 
 function getVersion (moduleBaseDir) {