dd-trace 5.48.1 → 5.49.1

package/LICENSE-3rdparty.csv

@@ -20,6 +20,7 @@ require,limiter,MIT,Copyright 2011 John Hurliman
 require,lodash.sortby,MIT,Copyright JS Foundation and other contributors
 require,lru-cache,ISC,Copyright (c) 2010-2022 Isaac Z. Schlueter and Contributors
 require,module-details-from-path,MIT,Copyright 2016 Thomas Watson Steen
+require,mutexify,MIT,Copyright (c) 2014 Mathias Buus
 require,opentracing,MIT,Copyright 2016 Resonance Labs Inc
 require,path-to-regexp,MIT,Copyright 2014 Blake Embrey
 require,pprof-format,MIT,Copyright 2022 Stephen Belanger
@@ -31,7 +32,6 @@ require,semifies,Apache license 2.0,Copyright Authors
 require,shell-quote,mit,Copyright (c) 2013 James Halliday
 require,source-map,BSD-3-Clause,Copyright (c) 2009-2011, Mozilla Foundation and contributors
 require,ttl-set,MIT,Copyright (c) 2024 Thomas Watson
-dev,@apollo/server,MIT,Copyright (c) 2016-2020 Apollo Graph, Inc. (Formerly Meteor Development Group, Inc.)
 dev,@babel/helpers,MIT,Copyright (c) 2014-present Sebastian McKenzie and other contributors
 dev,@types/node,MIT,Copyright Authors
 dev,@eslint/eslintrc,MIT,Copyright OpenJS Foundation and other contributors, <www.openjsf.org>
@@ -39,7 +39,6 @@ dev,@eslint/js,MIT,Copyright OpenJS Foundation and other contributors, <www.open
 dev,@msgpack/msgpack,ISC,Copyright 2019 The MessagePack Community
 dev,@stylistic/eslint-plugin-js,MIT,Copyright OpenJS Foundation and other contributors, <www.openjsf.org>
 dev,autocannon,MIT,Copyright 2016 Matteo Collina
-dev,aws-sdk,Apache 2.0,Copyright 2012-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 dev,axios,MIT,Copyright 2014-present Matt Zabriskie
 dev,benchmark,MIT,Copyright 2010-2016 Mathias Bynens Robert Kieffer John-David Dalton
 dev,body-parser,MIT,Copyright 2014 Jonathan Ong 2014-2015 Douglas Christopher Wilson
@@ -48,7 +47,6 @@ dev,chalk,MIT,Copyright Sindre Sorhus
 dev,checksum,MIT,Copyright Daniel D. Shaw
 dev,cli-table3,MIT,Copyright 2014 James Talmage
 dev,dotenv,BSD-2-Clause,Copyright 2015 Scott Motte
-dev,esbuild,MIT,Copyright (c) 2020 Evan Wallace
 dev,eslint,MIT,Copyright JS Foundation and other contributors https://js.foundation
 dev,eslint-config-standard,MIT,Copyright Feross Aboukhadijeh
 dev,eslint-plugin-import,MIT,Copyright 2015 Ben Mosher
@@ -62,7 +60,6 @@ dev,glob,ISC,Copyright Isaac Z. Schlueter and Contributors
 dev,globals,MIT,Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
 dev,graphql,MIT,Copyright 2015 Facebook Inc.
 dev,jszip,MIT,Copyright 2015-2016 Stuart Knightley and contributors
-dev,knex,MIT,Copyright (c) 2013-present Tim Griesser
 dev,mkdirp,MIT,Copyright 2010 James Halliday
 dev,mocha,MIT,Copyright 2011-2018 JS Foundation and contributors https://js.foundation
 dev,multer,MIT,Copyright 2014 Hage Yaapa

package/README.md

@@ -15,7 +15,7 @@
 Most of the documentation for `dd-trace` is available on these webpages:
 
 - [Tracing Node.js Applications](https://docs.datadoghq.com/tracing/languages/nodejs/) - most project documentation, including setup instructions
-- [Configuring the NodeJS Tracing Library](https://docs.datadoghq.com/tracing/trace_collection/library_config/nodejs) - environment variables and config options
+- [Configuring the Node.js Tracing Library](https://docs.datadoghq.com/tracing/trace_collection/library_config/nodejs) - environment variables and config options
 - [API Documentation](https://datadog.github.io/dd-trace-js) - method signatures, plugin list, and some usage examples
 - [APM Terms and Concepts](https://docs.datadoghq.com/tracing/visualization/) - a glossary of concepts applicable across all languages
 
@@ -59,7 +59,7 @@ When a new release line is introduced the previous release line then enters main
 Once that year is up the release line enters End of Life and will not receive new updates.
 The library also follows the Node.js LTS lifecycle wherein new release lines drop compatibility with Node.js versions that reach end-of-life (with the maintenance release line still receiving updates for a year).
 
-For more information about library versioning and compatibility, see the [NodeJS Compatibility Requirements](https://docs.datadoghq.com/tracing/trace_collection/compatibility/nodejs/#releases) page.
+For more information about library versioning and compatibility, see the [Node.js Compatibility Requirements](https://docs.datadoghq.com/tracing/trace_collection/compatibility/nodejs/#releases) page.
 
 Changes associated with each individual release are documented on the [GitHub Releases](https://github.com/DataDog/dd-trace-js/releases) screen.
 

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "5.48.1",
+  "version": "5.49.1",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",
@@ -48,6 +48,7 @@
     "test:integration:cucumber": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/cucumber/*.spec.js\"",
     "test:integration:cypress": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/cypress/*.spec.js\"",
     "test:integration:debugger": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/debugger/*.spec.js\"",
+    "test:integration:esbuild": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/esbuild/*.spec.js\"",
     "test:integration:jest": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/jest/*.spec.js\"",
     "test:integration:mocha": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/mocha/*.spec.js\"",
     "test:integration:playwright": "mocha --timeout 60000 -r \"packages/dd-trace/test/setup/core.js\" \"integration-tests/playwright/*.spec.js\"",
@@ -105,6 +106,7 @@
     "lodash.sortby": "^4.7.0",
     "lru-cache": "^7.14.0",
     "module-details-from-path": "^1.0.3",
+    "mutexify": "^1.4.0",
     "opentracing": ">=0.12.1",
     "path-to-regexp": "^0.1.12",
     "pprof-format": "^2.1.0",
@@ -118,7 +120,6 @@
     "ttl-set": "^1.0.0"
   },
   "devDependencies": {
-    "@apollo/server": "^4.11.0",
     "@babel/helpers": "^7.26.10",
     "@eslint/eslintrc": "^3.2.0",
     "@eslint/js": "^9.19.0",
@@ -126,7 +127,6 @@
     "@stylistic/eslint-plugin-js": "^3.0.1",
     "@types/node": "^16.0.0",
     "autocannon": "^4.5.2",
-    "aws-sdk": "^2.1446.0",
     "axios": "^1.8.2",
     "benchmark": "^2.1.4",
     "body-parser": "^1.20.3",
@@ -135,7 +135,6 @@
     "checksum": "^1.0.0",
     "cli-table3": "^0.6.3",
     "dotenv": "16.3.1",
-    "esbuild": "^0.25.0",
     "eslint": "^9.19.0",
     "eslint-config-standard": "^17.1.0",
     "eslint-plugin-import": "^2.31.0",
@@ -144,12 +143,11 @@
     "eslint-plugin-promise": "^7.2.1",
     "eslint-plugin-unicorn": "^57.0.0",
     "express": "^4.21.2",
-    "get-port": "^3.2.0",
+    "get-port": "^5.1.1",
     "glob": "^7.1.6",
     "globals": "^15.10.0",
     "graphql": "0.13.2",
     "jszip": "^3.5.0",
-    "knex": "^2.4.2",
     "mkdirp": "^3.0.1",
     "mocha": "^10",
     "multer": "^1.4.5-lts.1",

package/packages/datadog-esbuild/index.js

@@ -47,8 +47,7 @@ const DEBUG = !!process.env.DD_TRACE_DEBUG
 // Those packages will still be handled via RITM
 // Attempting to instrument them would fail as they have no package.json file
 for (const pkg of INSTRUMENTED) {
-  if (builtins.has(pkg)) continue
-  if (pkg.startsWith('node:')) continue
+  if (builtins.has(pkg) || pkg.startsWith('node:')) continue
   modulesOfInterest.add(pkg)
 }
 
@@ -71,7 +70,9 @@ module.exports.setup = function (build) {
     }
 
     // TODO: Should this also check for namespace === 'file'?
-    if (args.path.startsWith('@') && !args.importer.includes('node_modules/')) {
+    if (!modulesOfInterest.has(args.path) &&
+        args.path.startsWith('@') &&
+        !args.importer.includes('node_modules/')) {
       // This is the Next.js convention for loading local files
       if (DEBUG) console.log(`@LOCAL: ${args.path}`)
       return

package/packages/datadog-instrumentations/src/playwright.js

@@ -761,9 +761,17 @@ addHook({
     return rootSuite
   }
 
-  loadUtilsPackage.createRootSuite = newCreateRootSuite
+  // We need to proxy the createRootSuite function because the function is not configurable
+  const proxy = new Proxy(loadUtilsPackage, {
+    get (target, prop) {
+      if (prop === 'createRootSuite') {
+        return newCreateRootSuite
+      }
+      return target[prop]
+    }
+  })
 
-  return loadUtilsPackage
+  return proxy
 })
 
 // main process hook
@@ -805,19 +813,25 @@ addHook({
 
     const page = this
 
-    const isRumActive = await page.evaluate(() => {
-      if (window.DD_RUM && window.DD_RUM.getInternalContext) {
-        return !!window.DD_RUM.getInternalContext()
-      } else {
-        return false
-      }
-    })
+    try {
+      if (page) {
+        const isRumActive = await page.evaluate(() => {
+          if (window.DD_RUM && window.DD_RUM.getInternalContext) {
+            return !!window.DD_RUM.getInternalContext()
+          } else {
+            return false
+          }
+        })
 
-    if (isRumActive) {
-      testPageGotoCh.publish({
-        isRumActive,
-        page
-      })
+        if (isRumActive) {
+          testPageGotoCh.publish({
+            isRumActive,
+            page
+          })
+        }
+      }
+    } catch (e) {
+      // ignore errors such as redirects, context destroyed, etc
     }
 
     return response

package/packages/datadog-plugin-aws-sdk/src/services/dynamodb.js

@@ -164,7 +164,6 @@ class DynamoDb extends BaseAwsSdkPlugin {
       return
     }
     if (!primaryKeyConfig) {
-      log.warn('Missing DD_TRACE_DYNAMODB_TABLE_PRIMARY_KEYS env variable')
       return
     }
     const primaryKeySet = primaryKeyConfig[tableName]

package/packages/datadog-shimmer/src/shimmer.js

@@ -1,7 +1,5 @@
 'use strict'
 
-const log = require('../../dd-trace/src/log')
-
 function copyProperties (original, wrapped) {
   // TODO getPrototypeOf is not fast. Should we instead do this in specific
   // instrumentations where needed?
@@ -24,9 +22,7 @@ function copyProperties (original, wrapped) {
 function wrapFunction (original, wrapper) {
   if (typeof original === 'function') assertNotClass(original)
 
-  const wrapped = safeMode
-    ? safeWrapper(original, wrapper)
-    : wrapper(original)
+  const wrapped = wrapper(original)
 
   if (typeof original === 'function') copyProperties(original, wrapped)
 
@@ -37,36 +33,6 @@ const wrapFn = function (original, delegate) {
   throw new Error('calling `wrap()` with 2 args is deprecated. Use wrapFunction instead.')
 }
 
-// This is only used in safe mode. It's a simple state machine to track if the
-// original method was called and if it returned. We need this to determine if
-// an error was thrown by the original method, or by us. We'll use one of these
-// per call to a wrapped method.
-class CallState {
-  constructor () {
-    this.called = false
-    this.completed = false
-    this.retVal = undefined
-  }
-
-  startCall () {
-    this.called = true
-  }
-
-  endCall (retVal) {
-    this.completed = true
-    this.retVal = retVal
-  }
-}
-
-function isPromise (obj) {
-  return obj && typeof obj === 'object' && typeof obj.then === 'function'
-}
-
-let safeMode = !!process.env.DD_INEJCTION_ENABLED
-function setSafe (value) {
-  safeMode = value
-}
-
 function wrapMethod (target, name, wrapper, noAssert) {
   if (!noAssert) {
     assertMethod(target, name)
@@ -74,9 +40,7 @@ function wrapMethod (target, name, wrapper, noAssert) {
   }
 
   const original = target[name]
-  const wrapped = safeMode && original
-    ? safeWrapper(original, wrapper)
-    : wrapper(original)
+  const wrapped = wrapper(original)
 
   const descriptor = Object.getOwnPropertyDescriptor(target, name)
 
@@ -110,94 +74,6 @@ function wrapMethod (target, name, wrapper, noAssert) {
   return target
 }
 
-function safeWrapper (original, wrapper) {
-  // In this mode, we make a best-effort attempt to handle errors that are thrown
-  // by us, rather than wrapped code. With such errors, we log them, and then attempt
-  // to return the result as if no wrapping was done at all.
-  //
-  // Caveats:
-  //   * If the original function is called in a later iteration of the event loop,
-  //     and we throw _then_, then it won't be caught by this. In practice, we always call
-  //     the original function synchronously, so this is not a problem.
-  //   * While async errors are dealt with here, errors in callbacks are not. This
-  //     is because we don't necessarily know _for sure_ that any function arguments
-  //     are wrapped by us. We could wrap them all anyway and just make that assumption,
-  //     or just assume that the last argument is always a callback set by us if it's a
-  //     function, but those don't seem like things we can rely on. We could add a
-  //     `shimmer.markCallbackAsWrapped()` function that's a no-op outside safe-mode,
-  //     but that means modifying every instrumentation. Even then, the complexity of
-  //     this code increases because then we'd need to effectively do the reverse of
-  //     what we're doing for synchronous functions. This is a TODO.
-
-  // We're going to hold on to current callState in this variable in this scope,
-  // which is fine because any time we reference it, we're referencing it synchronously.
-  // We'll use it in the our wrapper (which, again, is called syncrhonously), and in the
-  // errorHandler, which will already have been bound to this callState.
-  let currentCallState
-
-  // Rather than calling the original function directly from the shim wrapper, we wrap
-  // it again so that we can track if it was called and if it returned. This is because
-  // we need to know if an error was thrown by the original function, or by us.
-  // We could do this inside the `wrapper` function defined below, which would simplify
-  // managing the callState, but then we'd be calling `wrapper` on each invocation, so
-  // instead we do it here, once.
-  const innerWrapped = wrapper(function (...args) {
-    // We need to stash the callState here because of recursion.
-    const callState = currentCallState
-    callState.startCall()
-    const retVal = original.apply(this, args)
-    if (isPromise(retVal)) {
-      retVal.then(callState.endCall.bind(callState))
-    } else {
-      callState.endCall(retVal)
-    }
-    return retVal
-  })
-
-  // This is the crux of what we're doing in safe mode. It handles errors
-  // that _we_ cause, by logging them, and transparently providing results
-  // as if no wrapping was done at all. That means detecting (via callState)
-  // whether the function has already run or not, and if it has, returning
-  // the result, and otherwise calling the original function unwrapped.
-  const handleError = function (args, callState, e) {
-    if (callState.completed) {
-      // error was thrown after original function returned/resolved, so
-      // it was us. log it.
-      log.error('Shimmer error was thrown after original function returned/resolved', e)
-      // original ran and returned something. return it.
-      return callState.retVal
-    }
-
-    if (!callState.called) {
-      // error was thrown before original function was called, so
-      // it was us. log it.
-      log.error('Shimmer error was thrown before original function was called', e)
-      // original never ran. call it unwrapped.
-      return original.apply(this, args)
-    }
-
-    // error was thrown during original function execution, so
-    // it was them. throw.
-    throw e
-  }
-
-  // The wrapped function is the one that will be called by the user.
-  // It calls our version of the original function, which manages the
-  // callState. That way when we use the errorHandler, it can tell where
-  // the error originated.
-  return function (...args) {
-    currentCallState = new CallState()
-    const errorHandler = handleError.bind(this, args, currentCallState)
-
-    try {
-      const retVal = innerWrapped.apply(this, args)
-      return isPromise(retVal) ? retVal.catch(errorHandler) : retVal
-    } catch (e) {
-      return errorHandler(e)
-    }
-  }
-}
-
 function wrap (target, name, wrapper) {
   return typeof name === 'function'
     ? wrapFn(target, name)
@@ -256,6 +132,5 @@ function assertNotClass (target) {
 module.exports = {
   wrap,
   wrapFunction,
-  massWrap,
-  setSafe
+  massWrap
 }

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/evidence-redaction/sensitive-analyzers/ldap-sensitive-analyzer.js

@@ -13,7 +13,7 @@ module.exports = function extractSensitiveRanges (evidence) {
     let regexResult = pattern.exec(evidence.value)
     while (regexResult != null) {
       if (!regexResult.groups.LITERAL) continue
-      // Computing indices manually since NodeJs 12 does not support d flag on regular expressions
+      // Computing indices manually since Node.js 12 does not support d flag on regular expressions
       // TODO Get indices from group by adding d flag in regular expression
       const start = regexResult.index + (regexResult[0].length - regexResult.groups.LITERAL.length - 1)
       const end = start + regexResult.groups.LITERAL.length

package/packages/dd-trace/src/config.js

@@ -530,7 +530,7 @@ class Config {
     this._setValue(defaults, 'isManualApiEnabled', false)
     this._setValue(defaults, 'langchain.spanCharLimit', 128)
     this._setValue(defaults, 'langchain.spanPromptCompletionSampleRate', 1.0)
-    this._setValue(defaults, 'llmobs.agentlessEnabled', false)
+    this._setValue(defaults, 'llmobs.agentlessEnabled', undefined)
     this._setValue(defaults, 'llmobs.enabled', false)
     this._setValue(defaults, 'llmobs.mlApp', undefined)
     this._setValue(defaults, 'ciVisibilityTestSessionName', '')
@@ -594,10 +594,10 @@ class Config {
     this._setValue(defaults, 'url', undefined)
     this._setValue(defaults, 'version', pkg.version)
     this._setValue(defaults, 'instrumentation_config_id', undefined)
-    this._setValue(defaults, 'aws.dynamoDb.tablePrimaryKeys', undefined)
     this._setValue(defaults, 'vertexai.spanCharLimit', 128)
     this._setValue(defaults, 'vertexai.spanPromptCompletionSampleRate', 1.0)
     this._setValue(defaults, 'trace.aws.addSpanPointers', true)
+    this._setValue(defaults, 'trace.dynamoDb.tablePrimaryKeys', undefined)
     this._setValue(defaults, 'trace.nativeSpanEvents', false)
   }
 

package/packages/dd-trace/src/debugger/devtools_client/breakpoints.js

@@ -1,7 +1,7 @@
 'use strict'
 
+const lock = require('mutexify/promise')()
 const { getGeneratedPosition } = require('./source-maps')
-const lock = require('./lock')()
 const session = require('./session')
 const { compile: compileCondition, compileSegments, templateRequiresEvaluation } = require('./condition')
 const { MAX_SNAPSHOTS_PER_SECOND_PER_PROBE, MAX_NON_SNAPSHOTS_PER_SECOND_PER_PROBE } = require('./defaults')
@@ -64,14 +64,14 @@ async function addBreakpoint (probe) {
   const release = await lock()
 
   try {
-    log.debug(
-      '[debugger:devtools_client] Adding breakpoint at %s:%d:%d (probe: %s, version: %d)',
-      url, lineNumber, columnNumber, probe.id, probe.version
-    )
-
     const locationKey = generateLocationKey(scriptId, lineNumber, columnNumber)
     const breakpoint = locationToBreakpoint.get(locationKey)
 
+    log.debug(
+      '[debugger:devtools_client] %s breakpoint at %s:%d:%d (probe: %s, version: %d)',
+      breakpoint ? 'Updating' : 'Adding', url, lineNumber, columnNumber, probe.id, probe.version
+    )
+
     if (breakpoint) {
       // A breakpoint already exists at this location, so we need to add the probe to the existing breakpoint
       await updateBreakpoint(breakpoint, probe)
@@ -82,10 +82,15 @@ async function addBreakpoint (probe) {
         lineNumber: lineNumber - 1, // Beware! lineNumber is zero-indexed
         columnNumber
       }
-      const result = await session.post('Debugger.setBreakpoint', {
-        location,
-        condition: probe.condition
-      })
+      let result
+      try {
+        result = await session.post('Debugger.setBreakpoint', {
+          location,
+          condition: probe.condition
+        })
+      } catch (err) {
+        throw new Error(`Error setting breakpoint for probe ${probe.id}`, { cause: err })
+      }
       probeToLocation.set(probe.id, locationKey)
       locationToBreakpoint.set(locationKey, { id: result.breakpointId, location, locationKey })
       breakpointToProbes.set(result.breakpointId, new Map([[probe.id, probe]]))
@@ -120,7 +125,11 @@ async function removeBreakpoint ({ id }) {
       if (breakpointToProbes.size === 0) {
         await stop() // TODO: Will this actually delete the breakpoint?
       } else {
-        await session.post('Debugger.removeBreakpoint', { breakpointId: breakpoint.id })
+        try {
+          await session.post('Debugger.removeBreakpoint', { breakpointId: breakpoint.id })
+        } catch (err) {
+          throw new Error(`Error removing breakpoint for probe ${id}`, { cause: err })
+        }
       }
     } else {
       await updateBreakpoint(breakpoint)
@@ -144,12 +153,21 @@ async function updateBreakpoint (breakpoint, probe) {
   const condition = compileCompoundCondition(Array.from(probesAtLocation.values()))
 
   if (condition || conditionBeforeNewProbe !== condition) {
-    await session.post('Debugger.removeBreakpoint', { breakpointId: breakpoint.id })
+    try {
+      await session.post('Debugger.removeBreakpoint', { breakpointId: breakpoint.id })
+    } catch (err) {
+      throw new Error(`Error removing breakpoint for probe ${probe.id}`, { cause: err })
+    }
     breakpointToProbes.delete(breakpoint.id)
-    const result = await session.post('Debugger.setBreakpoint', {
-      location: breakpoint.location,
-      condition
-    })
+    let result
+    try {
+      result = await session.post('Debugger.setBreakpoint', {
+        location: breakpoint.location,
+        condition
+      })
+    } catch (err) {
+      throw new Error(`Error setting breakpoint for probe ${probe.id}`, { cause: err })
+    }
     breakpoint.id = result.breakpointId
     breakpointToProbes.set(result.breakpointId, probesAtLocation)
   }

package/packages/dd-trace/src/debugger/devtools_client/remote_config.js

@@ -1,7 +1,7 @@
 'use strict'
 
 const { workerData: { rcPort } } = require('node:worker_threads')
-const lock = require('./lock')()
+const lock = require('mutexify/promise')()
 const { addBreakpoint, removeBreakpoint } = require('./breakpoints')
 const { ackReceived, ackInstalled, ackError } = require('./status')
 const log = require('../../log')

package/packages/dd-trace/src/debugger/devtools_client/send.js

@@ -26,7 +26,7 @@ const ddtags = [
   ['host_name', hostname],
   [GIT_COMMIT_SHA, config.commitSHA],
   [GIT_REPOSITORY_URL, config.repositoryUrl]
-].map((pair) => pair.join(':')).join(',')
+].filter(([, value]) => value !== undefined).map((pair) => pair.join(':')).join(',')
 
 const path = `/debugger/v1/input?${stringify({ ddtags })}`
 

package/packages/dd-trace/src/llmobs/constants/writers.js

@@ -1,12 +1,16 @@
 'use strict'
 
 module.exports = {
-  EVP_PROXY_AGENT_BASE_PATH: 'evp_proxy/v2',
-  EVP_PROXY_AGENT_ENDPOINT: 'evp_proxy/v2/api/v2/llmobs',
+  EVP_PROXY_AGENT_BASE_PATH: '/evp_proxy/v2/',
   EVP_SUBDOMAIN_HEADER_NAME: 'X-Datadog-EVP-Subdomain',
-  EVP_SUBDOMAIN_HEADER_VALUE: 'llmobs-intake',
-  AGENTLESS_SPANS_ENDPOINT: '/api/v2/llmobs',
-  AGENTLESS_EVALULATIONS_ENDPOINT: '/api/intake/llm-obs/v1/eval-metric',
+
+  SPANS_EVENT_TYPE: 'span',
+  SPANS_INTAKE: 'llmobs-intake',
+  SPANS_ENDPOINT: '/api/v2/llmobs',
+
+  EVALUATIONS_INTAKE: 'api',
+  EVALUATIONS_EVENT_TYPE: 'evaluation_metric',
+  EVALUATIONS_ENDPOINT: '/api/intake/llm-obs/v1/eval-metric',
 
   EVP_PAYLOAD_SIZE_LIMIT: 5 << 20, // 5MB (actual limit is 5.1MB)
   EVP_EVENT_SIZE_LIMIT: (1 << 20) - 1024 // 999KB (actual limit is 1MB)

package/packages/dd-trace/src/llmobs/index.js

@@ -13,9 +13,9 @@ const evalMetricAppendCh = channel('llmobs:eval-metric:append')
 const flushCh = channel('llmobs:writers:flush')
 const injectCh = channel('dd-trace:span:inject')
 
-const LLMObsAgentlessSpanWriter = require('./writers/spans/agentless')
-const LLMObsAgentProxySpanWriter = require('./writers/spans/agentProxy')
 const LLMObsEvalMetricsWriter = require('./writers/evaluations')
+const LLMObsSpanWriter = require('./writers/spans')
+const { setAgentStrategy } = require('./writers/util')
 
 /**
  * Setting writers and processor globally when LLMObs is enabled
@@ -25,8 +25,14 @@ const LLMObsEvalMetricsWriter = require('./writers/evaluations')
  * if the tracer is `init`ed. But, in those cases, we don't want to start writers or subscribe
  * to channels.
  */
+
+/** @type {LLMObsSpanProcessor | null} */
 let spanProcessor
+
+/** @type {LLMObsSpanWriter | null} */
 let spanWriter
+
+/** @type {LLMObsEvalMetricsWriter | null} */
 let evalWriter
 
 function enable (config) {
@@ -34,7 +40,7 @@ function enable (config) {
   // create writers and eval writer append and flush channels
   // span writer append is handled by the span processor
   evalWriter = new LLMObsEvalMetricsWriter(config)
-  spanWriter = createSpanWriter(config)
+  spanWriter = new LLMObsSpanWriter(config)
 
   evalMetricAppendCh.subscribe(handleEvalMetricAppend)
   flushCh.subscribe(handleFlush)
@@ -46,7 +52,20 @@ function enable (config) {
 
   // distributed tracing for llmobs
   injectCh.subscribe(handleLLMObsParentIdInjection)
-  telemetry.recordLLMObsEnabled(startTime, config)
+
+  setAgentStrategy(config, useAgentless => {
+    if (useAgentless && !(config.apiKey && config.site)) {
+      throw new Error(
+        'Cannot send LLM Observability data without a running agent or without both a Datadog API key and site.\n' +
+        'Ensure these configurations are set before running your application.'
+      )
+    }
+
+    evalWriter?.setAgentless(useAgentless)
+    spanWriter?.setAgentless(useAgentless)
+
+    telemetry.recordLLMObsEnabled(startTime, config)
+  })
 }
 
 function disable () {
@@ -74,11 +93,6 @@ function handleLLMObsParentIdInjection ({ carrier }) {
   carrier['x-datadog-tags'] += `,${PROPAGATED_PARENT_ID_KEY}=${parentId}`
 }
 
-function createSpanWriter (config) {
-  const SpanWriter = config.llmobs.agentlessEnabled ? LLMObsAgentlessSpanWriter : LLMObsAgentProxySpanWriter
-  return new SpanWriter(config)
-}
-
 function handleFlush () {
   try {
     spanWriter.flush()

package/packages/dd-trace/src/llmobs/sdk.js

@@ -287,13 +287,6 @@ class LLMObs extends NoopLLMObs {
   submitEvaluation (llmobsSpanContext, options = {}) {
     if (!this.enabled) return
 
-    if (!this._config.apiKey) {
-      throw new Error(
-        'DD_API_KEY is required for sending evaluation metrics. Evaluation metric data will not be sent.\n' +
-        'Ensure this configuration is set before running your application.'
-      )
-    }
-
     const { traceId, spanId } = llmobsSpanContext
     if (!traceId || !spanId) {
       throw new Error(

package/packages/dd-trace/src/llmobs/writers/base.js

@@ -1,16 +1,22 @@
 'use strict'
 
 const request = require('../../exporters/common/request')
-const { URL, format } = require('url')
+const { URL, format } = require('node:url')
+const path = require('node:path')
 
 const logger = require('../../log')
 
 const { encodeUnicode } = require('../util')
 const telemetry = require('../telemetry')
 const log = require('../../log')
+const {
+  EVP_SUBDOMAIN_HEADER_NAME,
+  EVP_PROXY_AGENT_BASE_PATH
+} = require('../constants/writers')
+const { parseResponseAndLog } = require('./util')
 
 class BaseLLMObsWriter {
-  constructor ({ interval, timeout, endpoint, intake, eventType, protocol, port }) {
+  constructor ({ interval, timeout, eventType, config, endpoint, intake }) {
     this._interval = interval || 1000 // 1s
     this._timeout = timeout || 5000 // 5s
     this._eventType = eventType
@@ -19,28 +25,20 @@ class BaseLLMObsWriter {
     this._bufferLimit = 1000
     this._bufferSize = 0
 
-    this._url = new URL(format({
-      protocol: protocol || 'https:',
-      hostname: intake,
-      port: port || 443,
-      pathname: endpoint
-    }))
-
-    this._headers = {
-      'Content-Type': 'application/json'
-    }
+    this._config = config
+    this._endpoint = endpoint
+    this._intake = intake
 
     this._periodic = setInterval(() => {
       this.flush()
     }, this._interval).unref()
 
-    process.once('beforeExit', () => {
+    this._beforeExitHandler = () => {
       this.destroy()
-    })
+    }
+    process.once('beforeExit', this._beforeExitHandler)
 
     this._destroyed = false
-
-    logger.debug(`Started ${this.constructor.name} to ${this._url}`)
   }
 
   append (event, byteLength) {
@@ -55,7 +53,9 @@ class BaseLLMObsWriter {
   }
 
   flush () {
-    if (this._buffer.length === 0) {
+    const noAgentStrategy = this._agentless == null
+
+    if (this._buffer.length === 0 || noAgentStrategy) {
       return
     }
 
@@ -64,29 +64,12 @@ class BaseLLMObsWriter {
     this._bufferSize = 0
     const payload = this._encode(this.makePayload(events))
 
-    const options = {
-      headers: this._headers,
-      method: 'POST',
-      url: this._url,
-      timeout: this._timeout
-    }
-
     log.debug(`Encoded LLMObs payload: ${payload}`)
 
+    const options = this._getOptions()
+
     request(payload, options, (err, resp, code) => {
-      if (err) {
-        logger.error(
-          'Error sending %d LLMObs %s events to %s: %s', events.length, this._eventType, this._url, err.message, err
-        )
-        telemetry.recordDroppedPayload(events.length, this._eventType, 'request_error')
-      } else if (code >= 300) {
-        logger.error(
-          'Error sending %d LLMObs %s events to %s: %s', events.length, this._eventType, this._url, code
-        )
-        telemetry.recordDroppedPayload(events.length, this._eventType, 'http_error')
-      } else {
-        logger.debug(`Sent ${events.length} LLMObs ${this._eventType} events to ${this._url}`)
-      }
+      parseResponseAndLog(err, code, events.length, options.url.href, this._eventType)
     })
   }
 
@@ -96,12 +79,57 @@ class BaseLLMObsWriter {
     if (!this._destroyed) {
       logger.debug(`Stopping ${this.constructor.name}`)
       clearInterval(this._periodic)
-      process.removeListener('beforeExit', this.destroy)
+      process.removeListener('beforeExit', this._beforeExitHandler)
       this.flush()
       this._destroyed = true
     }
   }
 
+  setAgentless (agentless) {
+    this._agentless = agentless
+    this._url = this._getUrl()
+    logger.debug(`Configuring ${this.constructor.name} to ${this._url.href}`)
+  }
+
+  _getUrl () {
+    if (this._agentless) {
+      return new URL(format({
+        protocol: 'https:',
+        hostname: `${this._intake}.${this._config.site}`,
+        pathname: this._endpoint
+      }))
+    }
+
+    const { hostname, port } = this._config
+    const base = this._config.url || new URL(format({
+      protocol: 'http:',
+      hostname,
+      port
+    }))
+
+    const proxyPath = path.join(EVP_PROXY_AGENT_BASE_PATH, this._endpoint)
+    return new URL(proxyPath, base)
+  }
+
+  _getOptions () {
+    const options = {
+      headers: {
+        'Content-Type': 'application/json'
+      },
+      method: 'POST',
+      timeout: this._timeout,
+      url: this._url
+    }
+
+    if (this._agentless) {
+      options.headers['DD-API-KEY'] = this._config.apiKey || ''
+    } else {
+      options.headers[EVP_SUBDOMAIN_HEADER_NAME] = this._intake
+    }
+
+    return options
+  }
+
   _encode (payload) {
     return JSON.stringify(payload, (key, value) => {
       if (typeof value === 'string') {

package/packages/dd-trace/src/llmobs/writers/evaluations.js

@@ -1,17 +1,20 @@
 'use strict'
 
-const { AGENTLESS_EVALULATIONS_ENDPOINT } = require('../constants/writers')
+const {
+  EVALUATIONS_ENDPOINT,
+  EVALUATIONS_EVENT_TYPE,
+  EVALUATIONS_INTAKE
+} = require('../constants/writers')
 const BaseWriter = require('./base')
 
 class LLMObsEvalMetricsWriter extends BaseWriter {
   constructor (config) {
     super({
-      endpoint: AGENTLESS_EVALULATIONS_ENDPOINT,
-      intake: `api.${config.site}`,
-      eventType: 'evaluation_metric'
+      config,
+      intake: EVALUATIONS_INTAKE,
+      eventType: EVALUATIONS_EVENT_TYPE,
+      endpoint: EVALUATIONS_ENDPOINT
     })
-
-    this._headers['DD-API-KEY'] = config.apiKey
   }
 
   makePayload (events) {

package/packages/dd-trace/src/llmobs/writers/{spans/base.js → spans.js}

@@ -1,19 +1,27 @@
 'use strict'
 
-const { EVP_EVENT_SIZE_LIMIT, EVP_PAYLOAD_SIZE_LIMIT } = require('../../constants/writers')
-const { DROPPED_VALUE_TEXT } = require('../../constants/text')
-const { DROPPED_IO_COLLECTION_ERROR } = require('../../constants/tags')
-const BaseWriter = require('../base')
-const telemetry = require('../../telemetry')
-const logger = require('../../../log')
+const {
+  EVP_EVENT_SIZE_LIMIT,
+  EVP_PAYLOAD_SIZE_LIMIT,
+  SPANS_ENDPOINT,
+  SPANS_EVENT_TYPE,
+  SPANS_INTAKE
+} = require('../constants/writers')
+const { DROPPED_VALUE_TEXT } = require('../constants/text')
+const { DROPPED_IO_COLLECTION_ERROR } = require('../constants/tags')
+const BaseWriter = require('./base')
+const telemetry = require('../telemetry')
+const logger = require('../../log')
 
-const tracerVersion = require('../../../../../../package.json').version
+const tracerVersion = require('../../../../../package.json').version
 
 class LLMObsSpanWriter extends BaseWriter {
-  constructor (options) {
+  constructor (config) {
     super({
-      ...options,
-      eventType: 'span'
+      config,
+      eventType: SPANS_EVENT_TYPE,
+      intake: SPANS_INTAKE,
+      endpoint: SPANS_ENDPOINT
     })
   }
 
@@ -33,11 +41,11 @@ class LLMObsSpanWriter extends BaseWriter {
     telemetry.recordLLMObsSpanSize(event, processedEventSizeBytes, shouldTruncate)
 
     if (this._bufferSize + eventSizeBytes > EVP_PAYLOAD_SIZE_LIMIT) {
-      logger.debug('Flusing queue because queing next event will exceed EvP payload limit')
+      logger.debug('Flushing queue because queuing next event will exceed EvP payload limit')
       this.flush()
     }
 
-    super.append(event, eventSizeBytes)
+    super.append(event, processedEventSizeBytes)
   }
 
   makePayload (events) {

package/packages/dd-trace/src/llmobs/writers/util.js

@@ -0,0 +1,60 @@
+'use strict'
+
+const logger = require('../../log')
+const { EVP_PROXY_AGENT_BASE_PATH } = require('../constants/writers')
+const telemetry = require('../telemetry')
+
+const AgentInfoExporter = require('../../exporters/common/agent-info-exporter')
+/** @type {AgentInfoExporter} */
+let agentInfoExporter
+
+function setAgentStrategy (config, setWritersAgentlessValue) {
+  const agentlessEnabled = config.llmobs.agentlessEnabled
+
+  if (agentlessEnabled != null) {
+    setWritersAgentlessValue(agentlessEnabled)
+    return
+  }
+
+  if (!agentInfoExporter) {
+    agentInfoExporter = new AgentInfoExporter(config)
+  }
+
+  agentInfoExporter.getAgentInfo((err, agentInfo) => {
+    if (err) {
+      setWritersAgentlessValue(true)
+      return
+    }
+
+    const endpoints = agentInfo.endpoints
+    const hasEndpoint = Array.isArray(endpoints) && endpoints.some(endpoint => endpoint === EVP_PROXY_AGENT_BASE_PATH)
+    setWritersAgentlessValue(!hasEndpoint)
+  })
+}
+
+function parseResponseAndLog (err, code, eventsLength, url, eventType) {
+  if (code === 403 && err.message.includes('API key is invalid')) {
+    logger.error(
+      '[LLMObs] The provided Datadog API key is invalid (likely due to an API key and DD_SITE mismatch). ' +
+      'Please verify your API key and DD_SITE are correct.'
+    )
+    telemetry.recordDroppedPayload(eventsLength, eventType, 'request_error')
+  } else if (err) {
+    logger.error(
+      'Error sending %d LLMObs %s events to %s: %s', eventsLength, eventType, url, err.message, err
+    )
+    telemetry.recordDroppedPayload(eventsLength, eventType, 'request_error')
+  } else if (code >= 300) {
+    logger.error(
+      'Error sending %d LLMObs %s events to %s: %s', eventsLength, eventType, url, code
+    )
+    telemetry.recordDroppedPayload(eventsLength, eventType, 'http_error')
+  } else {
+    logger.debug(`Sent ${eventsLength} LLMObs ${eventType} events to ${url}`)
+  }
+}
+
+module.exports = {
+  setAgentStrategy,
+  parseResponseAndLog
+}

package/packages/dd-trace/src/debugger/devtools_client/lock.js

@@ -1,8 +0,0 @@
-'use strict'
-
-module.exports = () => async function lock () {
-  if (lock.p) await lock.p
-  let resolve
-  lock.p = new Promise((_resolve) => { resolve = _resolve }).then(() => { lock.p = null })
-  return resolve
-}

package/packages/dd-trace/src/llmobs/writers/spans/agentProxy.js

@@ -1,23 +0,0 @@
-'use strict'
-
-const {
-  EVP_SUBDOMAIN_HEADER_NAME,
-  EVP_SUBDOMAIN_HEADER_VALUE,
-  EVP_PROXY_AGENT_ENDPOINT
-} = require('../../constants/writers')
-const LLMObsBaseSpanWriter = require('./base')
-
-class LLMObsAgentProxySpanWriter extends LLMObsBaseSpanWriter {
-  constructor (config) {
-    super({
-      intake: config.url?.hostname || config.hostname || 'localhost',
-      protocol: config.url?.protocol || 'http:',
-      endpoint: EVP_PROXY_AGENT_ENDPOINT,
-      port: config.url?.port || config.port
-    })
-
-    this._headers[EVP_SUBDOMAIN_HEADER_NAME] = EVP_SUBDOMAIN_HEADER_VALUE
-  }
-}
-
-module.exports = LLMObsAgentProxySpanWriter

package/packages/dd-trace/src/llmobs/writers/spans/agentless.js

@@ -1,17 +0,0 @@
-'use strict'
-
-const { AGENTLESS_SPANS_ENDPOINT } = require('../../constants/writers')
-const LLMObsBaseSpanWriter = require('./base')
-
-class LLMObsAgentlessSpanWriter extends LLMObsBaseSpanWriter {
-  constructor (config) {
-    super({
-      intake: `llmobs-intake.${config.site}`,
-      endpoint: AGENTLESS_SPANS_ENDPOINT
-    })
-
-    this._headers['DD-API-KEY'] = config.apiKey
-  }
-}
-
-module.exports = LLMObsAgentlessSpanWriter