dd-trace 5.37.0 → 5.38.0

package/ci/init.js

@@ -1,6 +1,6 @@
 /* eslint-disable no-console */
 const tracer = require('../packages/dd-trace')
-const { isTrue } = require('../packages/dd-trace/src/util')
+const { isTrue, isFalse } = require('../packages/dd-trace/src/util')
 const log = require('../packages/dd-trace/src/log')
 
 const isJestWorker = !!process.env.JEST_WORKER_ID
@@ -23,7 +23,7 @@ const options = {
   flushInterval: isJestWorker ? 0 : 5000
 }
 
-let shouldInit = true
+let shouldInit = !isFalse(process.env.DD_CIVISIBILITY_ENABLED)
 
 if (isPackageManager()) {
   log.debug('dd-trace is not initialized in a package manager.')

package/initialize.mjs

@@ -35,10 +35,12 @@ ${result.source}`
 const [NODE_MAJOR, NODE_MINOR] = process.versions.node.split('.').map(x => +x)
 
 const brokenLoaders = NODE_MAJOR === 18 && NODE_MINOR === 0
+const iitmExclusions = [/langsmith/, /openai\/_shims/, /openai\/resources\/chat\/completions\/messages/]
 
-export async function load (...args) {
-  const loadHook = brokenLoaders ? args[args.length - 1] : origLoad
-  return insertInit(await loadHook(...args))
+export async function load (url, context, nextLoad) {
+  const iitmExclusionsMatch = iitmExclusions.some((exclusion) => exclusion.test(url))
+  const loadHook = (brokenLoaders || iitmExclusionsMatch) ? nextLoad : origLoad
+  return insertInit(await loadHook(url, context, nextLoad))
 }
 
 export const resolve = brokenLoaders ? undefined : origResolve
@@ -53,6 +55,8 @@ if (isMainThread) {
   const require = Module.createRequire(import.meta.url)
   require('./init.js')
   if (Module.register) {
-    Module.register('./loader-hook.mjs', import.meta.url)
+    Module.register('./loader-hook.mjs', import.meta.url, {
+      data: { exclude: iitmExclusions }
+    })
   }
 }

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "5.37.0",
+  "version": "5.38.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -131,7 +131,7 @@
     "checksum": "^1.0.0",
     "cli-table3": "^0.6.3",
     "dotenv": "16.3.1",
-    "esbuild": "0.16.12",
+    "esbuild": "^0.25.0",
     "eslint": "^9.19.0",
     "eslint-config-standard": "^17.1.0",
     "eslint-plugin-import": "^2.31.0",

package/packages/datadog-instrumentations/src/aws-sdk.js

@@ -172,7 +172,7 @@ function getMessage (request, error, result) {
 
 function getChannelSuffix (name) {
   // some resource identifiers have spaces between ex: bedrock runtime
-  name = name.replaceAll(' ', '')
+  name = String(name).replaceAll(' ', '')
   return [
     'cloudwatchlogs',
     'dynamodb',

package/packages/datadog-instrumentations/src/helpers/hooks.js

@@ -19,8 +19,8 @@ module.exports = {
   '@jest/test-sequencer': () => require('../jest'),
   '@jest/transform': () => require('../jest'),
   '@koa/router': () => require('../koa'),
-  '@langchain/core': () => require('../langchain'),
-  '@langchain/openai': () => require('../langchain'),
+  '@langchain/core': { esmFirst: true, fn: () => require('../langchain') },
+  '@langchain/openai': { esmFirst: true, fn: () => require('../langchain') },
   '@node-redis/client': () => require('../redis'),
   '@opensearch-project/opensearch': () => require('../opensearch'),
   '@opentelemetry/sdk-trace-node': () => require('../otel-sdk-trace'),
@@ -100,7 +100,7 @@ module.exports = {
   'node:vm': () => require('../vm'),
   nyc: () => require('../nyc'),
   oracledb: () => require('../oracledb'),
-  openai: () => require('../openai'),
+  openai: { esmFirst: true, fn: () => require('../openai') },
   paperplane: () => require('../paperplane'),
   passport: () => require('../passport'),
   'passport-http': () => require('../passport-http'),

package/packages/datadog-instrumentations/src/http/client.js

@@ -117,6 +117,11 @@ function patch (http, methodName) {
         } catch (e) {
           ctx.error = e
           errorChannel.publish(ctx)
+          // if the initial request failed, ctx.req will be unset, we must close the span here
+          // fix for: https://github.com/DataDog/dd-trace-js/issues/5016
+          if (!ctx.req) {
+            finish()
+          }
           throw e
         } finally {
           endChannel.publish(ctx)

package/packages/datadog-instrumentations/src/openai.js

@@ -8,98 +8,98 @@ const ch = dc.tracingChannel('apm:openai:request')
 
 const V4_PACKAGE_SHIMS = [
   {
-    file: 'resources/chat/completions.js',
+    file: 'resources/chat/completions',
     targetClass: 'Completions',
     baseResource: 'chat.completions',
     methods: ['create'],
     streamedResponse: true
   },
   {
-    file: 'resources/completions.js',
+    file: 'resources/completions',
     targetClass: 'Completions',
     baseResource: 'completions',
     methods: ['create'],
     streamedResponse: true
   },
   {
-    file: 'resources/embeddings.js',
+    file: 'resources/embeddings',
     targetClass: 'Embeddings',
     baseResource: 'embeddings',
     methods: ['create']
   },
   {
-    file: 'resources/files.js',
+    file: 'resources/files',
     targetClass: 'Files',
     baseResource: 'files',
     methods: ['create', 'del', 'list', 'retrieve']
   },
   {
-    file: 'resources/files.js',
+    file: 'resources/files',
     targetClass: 'Files',
     baseResource: 'files',
     methods: ['retrieveContent'],
     versions: ['>=4.0.0 <4.17.1']
   },
   {
-    file: 'resources/files.js',
+    file: 'resources/files',
     targetClass: 'Files',
     baseResource: 'files',
     methods: ['content'], // replaced `retrieveContent` in v4.17.1
     versions: ['>=4.17.1']
   },
   {
-    file: 'resources/images.js',
+    file: 'resources/images',
     targetClass: 'Images',
     baseResource: 'images',
     methods: ['createVariation', 'edit', 'generate']
   },
   {
-    file: 'resources/fine-tuning/jobs/jobs.js',
+    file: 'resources/fine-tuning/jobs/jobs',
     targetClass: 'Jobs',
     baseResource: 'fine_tuning.jobs',
     methods: ['cancel', 'create', 'list', 'listEvents', 'retrieve'],
     versions: ['>=4.34.0'] // file location changed in 4.34.0
   },
   {
-    file: 'resources/fine-tuning/jobs.js',
+    file: 'resources/fine-tuning/jobs',
     targetClass: 'Jobs',
     baseResource: 'fine_tuning.jobs',
     methods: ['cancel', 'create', 'list', 'listEvents', 'retrieve'],
     versions: ['>=4.1.0 <4.34.0']
   },
   {
-    file: 'resources/fine-tunes.js', // deprecated after 4.1.0
+    file: 'resources/fine-tunes', // deprecated after 4.1.0
     targetClass: 'FineTunes',
     baseResource: 'fine-tune',
     methods: ['cancel', 'create', 'list', 'listEvents', 'retrieve'],
     versions: ['>=4.0.0 <4.1.0']
   },
   {
-    file: 'resources/models.js',
+    file: 'resources/models',
     targetClass: 'Models',
     baseResource: 'models',
     methods: ['del', 'list', 'retrieve']
   },
   {
-    file: 'resources/moderations.js',
+    file: 'resources/moderations',
     targetClass: 'Moderations',
     baseResource: 'moderations',
     methods: ['create']
   },
   {
-    file: 'resources/audio/transcriptions.js',
+    file: 'resources/audio/transcriptions',
     targetClass: 'Transcriptions',
     baseResource: 'audio.transcriptions',
     methods: ['create']
   },
   {
-    file: 'resources/audio/translations.js',
+    file: 'resources/audio/translations',
     targetClass: 'Translations',
     baseResource: 'audio.translations',
     methods: ['create']
   },
   {
-    file: 'resources/chat/completions/completions.js',
+    file: 'resources/chat/completions/completions',
     targetClass: 'Completions',
     baseResource: 'chat.completions',
     methods: ['create'],
@@ -267,93 +267,117 @@ function wrapStreamIterator (response, options, n, ctx) {
   }
 }
 
-for (const shim of V4_PACKAGE_SHIMS) {
-  const { file, targetClass, baseResource, methods, versions, streamedResponse } = shim
-  addHook({ name: 'openai', file, versions: versions || ['>=4'] }, exports => {
-    const targetPrototype = exports[targetClass].prototype
+const extensions = ['.js', '.mjs']
 
-    for (const methodName of methods) {
-      shimmer.wrap(targetPrototype, methodName, methodFn => function () {
-        if (!ch.start.hasSubscribers) {
-          return methodFn.apply(this, arguments)
-        }
+for (const extension of extensions) {
+  for (const shim of V4_PACKAGE_SHIMS) {
+    const { file, targetClass, baseResource, methods, versions, streamedResponse } = shim
+    addHook({ name: 'openai', file: file + extension, versions: versions || ['>=4'] }, exports => {
+      const targetPrototype = exports[targetClass].prototype
 
-        // The OpenAI library lets you set `stream: true` on the options arg to any method
-        // However, we only want to handle streamed responses in specific cases
-        // chat.completions and completions
-        const stream = streamedResponse && getOption(arguments, 'stream', false)
-
-        // we need to compute how many prompts we are sending in streamed cases for completions
-        // not applicable for chat completiond
-        let n
-        if (stream) {
-          n = getOption(arguments, 'n', 1)
-          const prompt = getOption(arguments, 'prompt')
-          if (Array.isArray(prompt) && typeof prompt[0] !== 'number') {
-            n *= prompt.length
+      for (const methodName of methods) {
+        shimmer.wrap(targetPrototype, methodName, methodFn => function () {
+          if (!ch.start.hasSubscribers) {
+            return methodFn.apply(this, arguments)
           }
-        }
 
-        const client = this._client || this.client
+          // The OpenAI library lets you set `stream: true` on the options arg to any method
+          // However, we only want to handle streamed responses in specific cases
+          // chat.completions and completions
+          const stream = streamedResponse && getOption(arguments, 'stream', false)
+
+          // we need to compute how many prompts we are sending in streamed cases for completions
+          // not applicable for chat completiond
+          let n
+          if (stream) {
+            n = getOption(arguments, 'n', 1)
+            const prompt = getOption(arguments, 'prompt')
+            if (Array.isArray(prompt) && typeof prompt[0] !== 'number') {
+              n *= prompt.length
+            }
+          }
 
-        const ctx = {
-          methodName: `${baseResource}.${methodName}`,
-          args: arguments,
-          basePath: client.baseURL,
-          apiKey: client.apiKey
-        }
+          const client = this._client || this.client
 
-        return ch.start.runStores(ctx, () => {
-          const apiProm = methodFn.apply(this, arguments)
-
-          // wrapping `parse` avoids problematic wrapping of `then` when trying to call
-          // `withResponse` in userland code after. This way, we can return the whole `APIPromise`
-          shimmer.wrap(apiProm, 'parse', origApiPromParse => function () {
-            return origApiPromParse.apply(this, arguments)
-            // the original response is wrapped in a promise, so we need to unwrap it
-              .then(body => Promise.all([this.responsePromise, body]))
-              .then(([{ response, options }, body]) => {
-                if (stream) {
-                  if (body.iterator) {
-                    shimmer.wrap(body, 'iterator', wrapStreamIterator(response, options, n, ctx))
-                  } else {
-                    shimmer.wrap(
-                      body.response.body, Symbol.asyncIterator, wrapStreamIterator(response, options, n, ctx)
-                    )
-                  }
-                } else {
-                  finish(ctx, {
-                    headers: response.headers,
-                    data: body,
-                    request: {
-                      path: response.url,
-                      method: options.method
-                    }
-                  })
-                }
+          const ctx = {
+            methodName: `${baseResource}.${methodName}`,
+            args: arguments,
+            basePath: client.baseURL,
+            apiKey: client.apiKey
+          }
 
-                return body
-              })
-              .catch(error => {
-                finish(ctx, undefined, error)
+          return ch.start.runStores(ctx, () => {
+            const apiProm = methodFn.apply(this, arguments)
 
-                throw error
-              })
-              .finally(() => {
-              // maybe we don't want to unwrap here in case the promise is re-used?
-              // other hand: we want to avoid resource leakage
-                shimmer.unwrap(apiProm, 'parse')
+            if (baseResource === 'chat.completions' && typeof apiProm._thenUnwrap === 'function') {
+              // this should only ever be invoked from a client.beta.chat.completions.parse call
+              shimmer.wrap(apiProm, '_thenUnwrap', origApiPromThenUnwrap => function () {
+                // TODO(sam.brenner): I wonder if we can patch the APIPromise prototype instead, although
+                // we might not have access to everything we need...
+
+                // this is a new apipromise instance
+                const unwrappedPromise = origApiPromThenUnwrap.apply(this, arguments)
+
+                shimmer.wrap(unwrappedPromise, 'parse', origApiPromParse => function () {
+                  const parsedPromise = origApiPromParse.apply(this, arguments)
+                    .then(body => Promise.all([this.responsePromise, body]))
+
+                  return handleUnwrappedAPIPromise(parsedPromise, ctx, stream, n)
+                })
+
+                return unwrappedPromise
               })
-          })
+            }
+
+            // wrapping `parse` avoids problematic wrapping of `then` when trying to call
+            // `withResponse` in userland code after. This way, we can return the whole `APIPromise`
+            shimmer.wrap(apiProm, 'parse', origApiPromParse => function () {
+              const parsedPromise = origApiPromParse.apply(this, arguments)
+                .then(body => Promise.all([this.responsePromise, body]))
+
+              return handleUnwrappedAPIPromise(parsedPromise, ctx, stream, n)
+            })
 
-          ch.end.publish(ctx)
+            ch.end.publish(ctx)
 
-          return apiProm
+            return apiProm
+          })
         })
-      })
-    }
-    return exports
-  })
+      }
+      return exports
+    })
+  }
+}
+
+function handleUnwrappedAPIPromise (apiProm, ctx, stream, n) {
+  return apiProm
+    .then(([{ response, options }, body]) => {
+      if (stream) {
+        if (body.iterator) {
+          shimmer.wrap(body, 'iterator', wrapStreamIterator(response, options, n, ctx))
+        } else {
+          shimmer.wrap(
+            body.response.body, Symbol.asyncIterator, wrapStreamIterator(response, options, n, ctx)
+          )
+        }
+      } else {
+        finish(ctx, {
+          headers: response.headers,
+          data: body,
+          request: {
+            path: response.url,
+            method: options.method
+          }
+        })
+      }
+
+      return body
+    })
+    .catch(error => {
+      finish(ctx, undefined, error)
+
+      throw error
+    })
 }
 
 function finish (ctx, response, error) {

package/packages/datadog-plugin-http/src/client.js

@@ -102,7 +102,9 @@ class HttpClientPlugin extends ClientPlugin {
       addResponseHeaders(res, span, this.config)
     }
 
-    addRequestHeaders(req, span, this.config)
+    if (req) {
+      addRequestHeaders(req, span, this.config)
+    }
 
     this.config.hooks.request(span, req, res)
 

package/packages/datadog-plugin-http2/src/client.js

@@ -73,6 +73,9 @@ class Http2ClientPlugin extends ClientPlugin {
   }
 
   bindAsyncStart ({ eventName, eventData, currentStore, parentStore }) {
+    // Plugin wasn't enabled when the request started.
+    if (!currentStore) return storage('legacy').getStore()
+
     switch (eventName) {
       case 'response':
         this._onResponse(currentStore, eventData)

package/packages/datadog-plugin-mongodb-core/src/index.js

@@ -70,6 +70,7 @@ function getQuery (cmd) {
   if (!cmd || typeof cmd !== 'object' || Array.isArray(cmd)) return
   if (cmd.query) return sanitizeBigInt(limitDepth(cmd.query))
   if (cmd.filter) return sanitizeBigInt(limitDepth(cmd.filter))
+  if (cmd.pipeline) return sanitizeBigInt(limitDepth(cmd.pipeline))
 }
 
 function getResource (plugin, ns, query, operationName) {

package/packages/dd-trace/src/appsec/blocked_templates.js

@@ -1,11 +1,11 @@
 /* eslint-disable @stylistic/js/max-len */
 'use strict'
 
-const html = `<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>You've been blocked</title><style>a,body,div,html,span{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline}body{background:-webkit-radial-gradient(26% 19%,circle,#fff,#f4f7f9);background:radial-gradient(circle at 26% 19%,#fff,#f4f7f9);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;width:100%;min-height:100vh;line-height:1;flex-direction:column}p{display:block}main{text-align:center;flex:1;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;flex-direction:column}p{font-size:18px;line-height:normal;color:#646464;font-family:sans-serif;font-weight:400}a{color:#4842b7}footer{width:100%;text-align:center}footer p{font-size:16px}</style></head><body><main><p>Sorry, you cannot access this page. Please contact the customer service team.</p></main><footer><p>Security provided by <a href="https://www.datadoghq.com/product/security-platform/application-security-monitoring/" target="_blank">Datadog</a></p></footer></body></html>`
+const html = '<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>You\'ve been blocked</title><style>a,body,div,html,span{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline}body{background:-webkit-radial-gradient(26% 19%,circle,#fff,#f4f7f9);background:radial-gradient(circle at 26% 19%,#fff,#f4f7f9);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;width:100%;min-height:100vh;line-height:1;flex-direction:column}p{display:block}main{text-align:center;flex:1;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;flex-direction:column}p{font-size:18px;line-height:normal;color:#646464;font-family:sans-serif;font-weight:400}a{color:#4842b7}footer{width:100%;text-align:center}footer p{font-size:16px}</style></head><body><main><p>Sorry, you cannot access this page. Please contact the customer service team.</p></main><footer><p>Security provided by <a href="https://www.datadoghq.com/product/security-platform/application-security-monitoring/" target="_blank">Datadog</a></p></footer></body></html>'
 
-const json = `{"errors":[{"title":"You've been blocked","detail":"Sorry, you cannot access this page. Please contact the customer service team. Security provided by Datadog."}]}`
+const json = '{"errors":[{"title":"You\'ve been blocked","detail":"Sorry, you cannot access this page. Please contact the customer service team. Security provided by Datadog."}]}'
 
-const graphqlJson = `{"errors":[{"message":"You've been blocked","extensions":{"detail":"Sorry, you cannot perform this operation. Please contact the customer service team. Security provided by Datadog."}}]}`
+const graphqlJson = '{"errors":[{"message":"You\'ve been blocked","extensions":{"detail":"Sorry, you cannot perform this operation. Please contact the customer service team. Security provided by Datadog."}}]}'
 
 module.exports = {
   html,

package/packages/dd-trace/src/ci-visibility/dynamic-instrumentation/index.js

@@ -69,8 +69,12 @@ class TestVisDynamicInstrumentation {
         // To avoid infinite initialization loops, we're disabling DI and tracing in the worker.
         env: {
           ...process.env,
+          DD_CIVISIBILITY_ENABLED: 0,
           DD_TRACE_ENABLED: 0,
-          DD_TEST_DYNAMIC_INSTRUMENTATION_ENABLED: 0
+          DD_TEST_FAILED_TEST_REPLAY_ENABLED: 0,
+          DD_CIVISIBILITY_MANUAL_API_ENABLED: 0,
+          DD_TRACING_ENABLED: 0,
+          DD_TRACE_TELEMETRY_ENABLED: 0
         },
         workerData: {
           config: config.serialize(),

package/packages/dd-trace/src/ci-visibility/exporters/git/git_metadata.js

@@ -5,6 +5,7 @@ const FormData = require('../../../exporters/common/form-data')
 const request = require('../../../exporters/common/request')
 
 const log = require('../../../log')
+const { isFalse } = require('../../../util')
 const {
   getLatestCommits,
   getRepositoryUrl,
@@ -284,7 +285,9 @@ function sendGitMetadata (url, { isEvpProxy, evpProxyPrefix }, configRepositoryU
     }
     // Otherwise we unshallow and get commits to upload again
     log.debug('It is shallow clone, unshallowing...')
-    unshallowRepository()
+    if (!isFalse(process.env.DD_CIVISIBILITY_GIT_UNSHALLOW_ENABLED)) {
+      unshallowRepository()
+    }
 
     // The latest commits change after unshallowing
     latestCommits = getLatestCommits()

package/packages/dd-trace/src/config.js

@@ -566,7 +566,7 @@ class Config {
     this._setValue(defaults, 'telemetry.metrics', true)
     this._setValue(defaults, 'traceEnabled', true)
     this._setValue(defaults, 'traceId128BitGenerationEnabled', true)
-    this._setValue(defaults, 'traceId128BitLoggingEnabled', false)
+    this._setValue(defaults, 'traceId128BitLoggingEnabled', true)
     this._setValue(defaults, 'tracePropagationExtractFirst', false)
     this._setValue(defaults, 'tracePropagationStyle.inject', ['datadog', 'tracecontext', 'baggage'])
     this._setValue(defaults, 'tracePropagationStyle.extract', ['datadog', 'tracecontext', 'baggage'])
@@ -1144,7 +1144,7 @@ class Config {
       DD_CIVISIBILITY_FLAKY_RETRY_COUNT,
       DD_TEST_SESSION_NAME,
       DD_AGENTLESS_LOG_SUBMISSION_ENABLED,
-      DD_TEST_DYNAMIC_INSTRUMENTATION_ENABLED,
+      DD_TEST_FAILED_TEST_REPLAY_ENABLED,
       DD_TEST_MANAGEMENT_ENABLED,
       DD_TEST_MANAGEMENT_ATTEMPT_TO_FIX_RETRIES
     } = process.env
@@ -1164,7 +1164,7 @@ class Config {
       this._setBoolean(calc, 'isManualApiEnabled', !isFalse(this._isCiVisibilityManualApiEnabled()))
       this._setString(calc, 'ciVisibilityTestSessionName', DD_TEST_SESSION_NAME)
       this._setBoolean(calc, 'ciVisAgentlessLogSubmissionEnabled', isTrue(DD_AGENTLESS_LOG_SUBMISSION_ENABLED))
-      this._setBoolean(calc, 'isTestDynamicInstrumentationEnabled', isTrue(DD_TEST_DYNAMIC_INSTRUMENTATION_ENABLED))
+      this._setBoolean(calc, 'isTestDynamicInstrumentationEnabled', !isFalse(DD_TEST_FAILED_TEST_REPLAY_ENABLED))
       this._setBoolean(calc, 'isServiceUserProvided', !!this._env.service)
       this._setBoolean(calc, 'isTestManagementEnabled', !isFalse(DD_TEST_MANAGEMENT_ENABLED))
       this._setValue(calc,

package/packages/dd-trace/src/debugger/devtools_client/breakpoints.js

@@ -31,9 +31,9 @@ async function addBreakpoint (probe) {
   probe.nsBetweenSampling = BigInt(1 / snapshotsPerSecond * 1e9)
   probe.lastCaptureNs = 0n
 
-  // TODO: Inbetween `await session.post('Debugger.enable')` and here, the scripts are parsed and cached.
-  // Maybe there's a race condition here or maybe we're guraenteed that `await session.post('Debugger.enable')` will
-  // not continue untill all scripts have been parsed?
+  // Warning: The code below relies on undocumented behavior of the inspector!
+  // It expects that `await session.post('Debugger.enable')` will wait for all loaded scripts to be emitted as
+  // `Debugger.scriptParsed` events. If this ever changes, we will have a race condition!
   const script = findScriptFromPartialPath(file)
   if (!script) throw new Error(`No loaded script found for ${file} (probe: ${probe.id}, version: ${probe.version})`)
   const { url, scriptId, sourceMapURL, source } = script

package/packages/dd-trace/src/debugger/devtools_client/source-maps.js

@@ -7,6 +7,7 @@ const { SourceMapConsumer } = require('source-map')
 
 const cache = new Map()
 let cacheTimer = null
+let cacheTimerLastSet = 0
 
 const self = module.exports = {
   async loadSourceMap (dir, url) {
@@ -33,13 +34,26 @@ const self = module.exports = {
   }
 }
 
+// TODO: Remove if-statement around `setTimeout` below once it's safe to do so.
+//
+// This is a workaround for, what seems like a bug in Node.js core, that seems to trigger when, among other things, a
+// lot of timers are being created very rapidly. This makes the call to `setTimeout` throw an error from within
+// `AsyncLocalStorage._propagate` with the following error message:
+//
+//     TypeError: Cannot read properties of undefined (reading 'Symbol(kResourceStore)')
+//
+// Source: https://github.com/nodejs/node/blob/v18.20.6/lib/async_hooks.js#L312
 function cacheIt (key, value) {
-  clearTimeout(cacheTimer)
-  cacheTimer = setTimeout(function () {
-    // Optimize for app boot, where a lot of reads might happen
-    // Clear cache a few seconds after it was last used
-    cache.clear()
-  }, 10_000).unref()
+  const now = Date.now()
+  if (now > cacheTimerLastSet + 1_000) {
+    clearTimeout(cacheTimer)
+    cacheTimer = setTimeout(function () {
+      // Optimize for app boot, where a lot of reads might happen
+      // Clear cache a few seconds after it was last used
+      cache.clear()
+    }, 10_000).unref()
+    cacheTimerLastSet = now
+  }
   cache.set(key, value)
   return value
 }

package/packages/dd-trace/src/opentracing/propagation/log.js

@@ -14,7 +14,8 @@ class LogPropagator {
     carrier.dd = {}
 
     if (spanContext) {
-      if (this._config.traceId128BitLoggingEnabled && spanContext._trace.tags['_dd.p.tid']) {
+      if (this._config.traceId128BitGenerationEnabled &&
+        this._config.traceId128BitLoggingEnabled && spanContext._trace.tags['_dd.p.tid']) {
         carrier.dd.trace_id = spanContext.toTraceId(true)
       } else {
         carrier.dd.trace_id = spanContext.toTraceId()

package/packages/dd-trace/src/opentracing/propagation/text_map.js

@@ -46,6 +46,7 @@ const tracestateTagKeyFilter = /[^\x21-\x2b\x2d-\x3c\x3e-\x7e]/g
 const tracestateTagValueFilter = /[^\x20-\x2b\x2d-\x3a\x3c-\x7d]/g
 const invalidSegment = /^0+$/
 const zeroTraceId = '0000000000000000'
+const hex16 = /^[0-9A-Fa-f]{16}$/
 
 class TextMapPropagator {
   constructor (config) {
@@ -482,10 +483,20 @@ class TextMapPropagator {
               }
               break
             }
-            default:
+            default: {
               if (!key.startsWith('t.')) continue
-              spanContext._trace.tags[`_dd.p.${key.slice(2)}`] = value
-                .replace(/[\x7e]/gm, '=')
+              const subKey = key.slice(2) // e.g. t.tid -> tid
+              const transformedValue = value.replace(/[\x7e]/gm, '=')
+
+              // If subkey is tid  then do nothing because trace header tid should always be preserved
+              if (subKey === 'tid') {
+                if (!hex16.test(value) || spanContext._trace.tags['_dd.p.tid'] !== transformedValue) {
+                  log.error(`Invalid trace id ${value} in tracestate, skipping`)
+                }
+                continue
+              }
+              spanContext._trace.tags[`_dd.p.${subKey}`] = transformedValue
+            }
           }
         }
       })
@@ -645,7 +656,11 @@ class TextMapPropagator {
           log.error('Trace tags from carrier are invalid, skipping extraction.')
           return
         }
-
+        // Check if value is a valid 16 character lower-case hexadecimal encoded number as per spec
+        if (key === '_dd.p.tid' && !(hex16.test(value))) {
+          log.error(`Invalid _dd.p.tid tag ${value}, skipping`)
+          continue
+        }
         tags[key] = value
       }
 

package/packages/dd-trace/src/plugins/ci_plugin.js

@@ -202,15 +202,15 @@ module.exports = class CiPlugin extends Plugin {
   configure (config, shouldGetEnvironmentData = true) {
     super.configure(config)
 
+    if (!shouldGetEnvironmentData) {
+      return
+    }
+
     if (config.isTestDynamicInstrumentationEnabled && !this.di) {
       const testVisibilityDynamicInstrumentation = require('../ci-visibility/dynamic-instrumentation')
       this.di = testVisibilityDynamicInstrumentation
     }
 
-    if (!shouldGetEnvironmentData) {
-      return
-    }
-
     this.testEnvironmentMetadata = getTestEnvironmentMetadata(this.constructor.id, this.config)
 
     const {

package/packages/dd-trace/src/plugins/util/ci.js

@@ -628,6 +628,38 @@ module.exports = {
       }
     }
 
+    if (env.DRONE && env.CI) {
+      const {
+        DRONE_BUILD_NUMBER,
+        DRONE_BUILD_LINK,
+        DRONE_STEP_NAME,
+        DRONE_STAGE_NAME,
+        DRONE_WORKSPACE,
+        DRONE_GIT_HTTP_URL,
+        DRONE_COMMIT_SHA,
+        DRONE_BRANCH,
+        DRONE_TAG,
+        DRONE_COMMIT_AUTHOR_NAME,
+        DRONE_COMMIT_AUTHOR_EMAIL,
+        DRONE_COMMIT_MESSAGE
+      } = env
+      tags = {
+        [CI_PROVIDER_NAME]: 'drone',
+        [CI_PIPELINE_NUMBER]: DRONE_BUILD_NUMBER,
+        [CI_PIPELINE_URL]: DRONE_BUILD_LINK,
+        [CI_JOB_NAME]: DRONE_STEP_NAME,
+        [CI_STAGE_NAME]: DRONE_STAGE_NAME,
+        [CI_WORKSPACE_PATH]: DRONE_WORKSPACE,
+        [GIT_REPOSITORY_URL]: DRONE_GIT_HTTP_URL,
+        [GIT_COMMIT_SHA]: DRONE_COMMIT_SHA,
+        [GIT_BRANCH]: DRONE_BRANCH,
+        [GIT_TAG]: DRONE_TAG,
+        [GIT_COMMIT_AUTHOR_NAME]: DRONE_COMMIT_AUTHOR_NAME,
+        [GIT_COMMIT_AUTHOR_EMAIL]: DRONE_COMMIT_AUTHOR_EMAIL,
+        [GIT_COMMIT_MESSAGE]: DRONE_COMMIT_MESSAGE
+      }
+    }
+
     normalizeTag(tags, CI_WORKSPACE_PATH, resolveTilde)
     normalizeTag(tags, GIT_REPOSITORY_URL, filterSensitiveInfoFromRepository)
     normalizeTag(tags, GIT_BRANCH, normalizeRef)

package/packages/dd-trace/src/sampling_rule.js

@@ -41,10 +41,9 @@ function matcher (pattern, locator) {
     return new RegExpMatcher(pattern, locator)
   }
 
-  if (typeof pattern === 'string' && pattern !== '*') {
+  if (typeof pattern === 'string' && pattern !== '*' && pattern !== '**' && pattern !== '***') {
     return new GlobMatcher(pattern, locator)
   }
-
   return new AlwaysMatcher()
 }
 
@@ -63,6 +62,12 @@ function serviceLocator (span) {
     span.tracer()._service
 }
 
+function resourceLocator (span) {
+  const { _tags: tags } = span.context()
+  return tags.resource ||
+    tags['resource.name']
+}
+
 class SamplingRule {
   constructor ({ name, service, resource, tags, sampleRate = 1.0, provenance = undefined, maxPerSecond } = {}) {
     this.matchers = []
@@ -74,7 +79,7 @@ class SamplingRule {
       this.matchers.push(matcher(service, serviceLocator))
     }
     if (resource) {
-      this.matchers.push(matcher(resource, makeTagLocator('resource.name')))
+      this.matchers.push(matcher(resource, resourceLocator))
     }
     for (const [key, value] of Object.entries(tags || {})) {
       this.matchers.push(matcher(value, makeTagLocator(key)))

package/packages/dd-trace/src/telemetry/index.js

@@ -327,7 +327,8 @@ function updateConfig (changes, config) {
     service: 'DD_SERVICE',
     clientIpHeader: 'DD_TRACE_CLIENT_IP_HEADER',
     'grpc.client.error.statuses': 'DD_GRPC_CLIENT_ERROR_STATUSES',
-    'grpc.server.error.statuses': 'DD_GRPC_SERVER_ERROR_STATUSES'
+    'grpc.server.error.statuses': 'DD_GRPC_SERVER_ERROR_STATUSES',
+    traceId128BitLoggingEnabled: 'DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED'
   }
 
   const namesNeedFormatting = new Set(['DD_TAGS', 'peerServiceMapping', 'serviceMapping'])

package/packages/dd-trace/src/util.js

@@ -26,6 +26,8 @@ function isError (value) {
 function globMatch (pattern, subject) {
   if (typeof pattern === 'string') pattern = pattern.toLowerCase()
   if (typeof subject === 'string') subject = subject.toLowerCase()
+  if (typeof subject === 'number' && Number.isInteger(subject)) subject = String(subject)
+
   let px = 0 // [p]attern inde[x]
   let sx = 0 // [s]ubject inde[x]
   let nextPx = 0

package/register.js

@@ -1,4 +1,6 @@
 const { register } = require('node:module')
 const { pathToFileURL } = require('node:url')
 
-register('./loader-hook.mjs', pathToFileURL(__filename))
+register('./loader-hook.mjs', pathToFileURL(__filename), {
+  data: { exclude: [/langsmith/, /openai\/_shims/, /openai\/resources\/chat\/completions\/messages/] }
+})