dd-trace 5.60.0 → 5.61.0

package/packages/datadog-plugin-langchain/src/handlers/language_models.js

@@ -0,0 +1,18 @@
+'use strict'
+
+const LangChainHandler = require('./default')
+
+class LangChainLanguageModelHandler extends LangChainHandler {
+  extractProvider (instance) {
+    return typeof instance._llmType === 'function' && instance._llmType().split('-')[0]
+  }
+
+  extractModel (instance) {
+    for (const attr of ['model', 'modelName', 'modelId', 'modelKey', 'repoId']) {
+      const modelName = instance[attr]
+      if (modelName) return modelName
+    }
+  }
+}
+
+module.exports = LangChainLanguageModelHandler

package/packages/datadog-plugin-langchain/src/tracing.js

@@ -4,15 +4,12 @@ const { MEASURED } = require('../../../ext/tags')
 const { storage } = require('../../datadog-core')
 const TracingPlugin = require('../../dd-trace/src/plugins/tracing')
 
-const API_KEY = 'langchain.request.api_key'
 const MODEL = 'langchain.request.model'
 const PROVIDER = 'langchain.request.provider'
 const TYPE = 'langchain.request.type'
 
 const LangChainHandler = require('./handlers/default')
-const LangChainChatModelHandler = require('./handlers/language_models/chat_model')
-const LangChainLLMHandler = require('./handlers/language_models/llm')
-const LangChainChainHandler = require('./handlers/chain')
+const LangChainLanguageModelHandler = require('./handlers/language_models')
 const LangChainEmbeddingHandler = require('./handlers/embedding')
 
 class BaseLangChainTracingPlugin extends TracingPlugin {
@@ -24,9 +21,9 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
     super(...arguments)
 
     this.handlers = {
-      chain: new LangChainChainHandler(this._tracerConfig),
-      chat_model: new LangChainChatModelHandler(this._tracerConfig),
-      llm: new LangChainLLMHandler(this._tracerConfig),
+      chain: new LangChainHandler(this._tracerConfig),
+      chat_model: new LangChainLanguageModelHandler(this._tracerConfig),
+      llm: new LangChainLanguageModelHandler(this._tracerConfig),
       embedding: new LangChainEmbeddingHandler(this._tracerConfig),
       default: new LangChainHandler(this._tracerConfig)
     }
@@ -50,7 +47,6 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
     const handler = this.handlers[type] || this.handlers.default
 
     const instance = ctx.instance
-    const apiKey = handler.extractApiKey(instance)
     const provider = handler.extractProvider(instance)
     const model = handler.extractModel(instance)
 
@@ -63,9 +59,8 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
       }
     }, false)
 
-    const tags = handler.getSpanStartTags(ctx, provider, span) || []
+    const tags = {}
 
-    if (apiKey) tags[API_KEY] = apiKey
     if (provider) tags[PROVIDER] = provider
     if (model) tags[MODEL] = model
     if (type) tags[TYPE] = type
@@ -81,13 +76,6 @@ class BaseLangChainTracingPlugin extends TracingPlugin {
   asyncEnd (ctx) {
     const span = ctx.currentStore.span
 
-    const { type } = ctx
-
-    const handler = this.handlers[type] || this.handlers.default
-    const tags = handler.getSpanEndTags(ctx, span) || {}
-
-    span.addTags(tags)
-
     span.finish()
   }
 

package/packages/dd-trace/src/appsec/iast/analyzers/cookie-analyzer.js

@@ -3,7 +3,14 @@
 const Analyzer = require('./vulnerability-analyzer')
 const { getNodeModulesPaths } = require('../path-line')
 
-const EXCLUDED_PATHS = getNodeModulesPaths('express/lib/response.js')
+const EXCLUDED_PATHS = [
+  // Express
+  getNodeModulesPaths('express/lib/response.js'),
+  // Fastify
+  getNodeModulesPaths('fastify/lib/reply.js'),
+  getNodeModulesPaths('fastify/lib/hooks.js'),
+  getNodeModulesPaths('@fastify/cookie/plugin.js')
+]
 
 class CookieAnalyzer extends Analyzer {
   constructor (type, propertyToBeSafe) {

package/packages/dd-trace/src/appsec/iast/analyzers/hsts-header-missing-analyzer.js

@@ -10,8 +10,8 @@ class HstsHeaderMissingAnalyzer extends MissingHeaderAnalyzer {
     super(HSTS_HEADER_MISSING, HSTS_HEADER_NAME)
   }
 
-  _isVulnerableFromRequestAndResponse (req, res) {
-    const headerValues = this._getHeaderValues(res, HSTS_HEADER_NAME)
+  _isVulnerableFromRequestAndResponse (req, res, storedHeaders) {
+    const headerValues = this._getHeaderValues(res, storedHeaders, HSTS_HEADER_NAME)
     return this._isHttpsProtocol(req) && (
       headerValues.length === 0 ||
       headerValues.some(headerValue => !this._isHeaderValid(headerValue))

package/packages/dd-trace/src/appsec/iast/analyzers/missing-header-analyzer.js

@@ -28,8 +28,9 @@ class MissingHeaderAnalyzer extends Analyzer {
     }, (data) => this.analyze(data))
   }
 
-  _getHeaderValues (res, headerName) {
-    const headerValue = res.getHeader(headerName)
+  _getHeaderValues (res, storedHeaders, headerName) {
+    headerName = headerName.toLowerCase()
+    const headerValue = res.getHeader(headerName) || storedHeaders[headerName]
     if (Array.isArray(headerValue)) {
       return headerValue
     }
@@ -46,8 +47,8 @@ class MissingHeaderAnalyzer extends Analyzer {
     return `${type}:${this.config.tracerConfig.service}`
   }
 
-  _getEvidence ({ res }) {
-    const headerValues = this._getHeaderValues(res, this.headerName)
+  _getEvidence ({ res, storedHeaders }) {
+    const headerValues = this._getHeaderValues(res, storedHeaders, this.headerName)
     let value
     if (headerValues.length === 1) {
       value = headerValues[0]
@@ -57,19 +58,19 @@ class MissingHeaderAnalyzer extends Analyzer {
     return { value }
   }
 
-  _isVulnerable ({ req, res }, context) {
-    if (!IGNORED_RESPONSE_STATUS_LIST.has(res.statusCode) && this._isResponseHtml(res)) {
-      return this._isVulnerableFromRequestAndResponse(req, res)
+  _isVulnerable ({ req, res, storedHeaders }, context) {
+    if (!IGNORED_RESPONSE_STATUS_LIST.has(res.statusCode) && this._isResponseHtml(res, storedHeaders)) {
+      return this._isVulnerableFromRequestAndResponse(req, res, storedHeaders)
     }
     return false
   }
 
-  _isVulnerableFromRequestAndResponse (req, res) {
+  _isVulnerableFromRequestAndResponse (req, res, storedHeaders) {
     return false
   }
 
-  _isResponseHtml (res) {
-    const contentTypes = this._getHeaderValues(res, 'content-type')
+  _isResponseHtml (res, storedHeaders) {
+    const contentTypes = this._getHeaderValues(res, storedHeaders, 'content-type')
     return contentTypes.some(contentType => {
       return contentType && HTML_CONTENT_TYPES.some(htmlContentType => {
         return htmlContentType === contentType || contentType.startsWith(htmlContentType + ';')

package/packages/dd-trace/src/appsec/iast/analyzers/set-cookies-header-interceptor.js

@@ -7,25 +7,32 @@ class SetCookiesHeaderInterceptor extends Plugin {
   constructor () {
     super()
     this.cookiesInRequest = new WeakMap()
-    this.addSub('datadog:http:server:response:set-header:finish', ({ name, value, res }) => {
-      if (name.toLowerCase() === 'set-cookie') {
-        let allCookies = value
-        if (typeof value === 'string') {
-          allCookies = [value]
-        }
-        const alreadyCheckedCookies = this._getAlreadyCheckedCookiesInResponse(res)
-
-        let location
-        allCookies.forEach(cookieString => {
-          if (!alreadyCheckedCookies.includes(cookieString)) {
-            alreadyCheckedCookies.push(cookieString)
-            const parsedCookie = this._parseCookie(cookieString, location)
-            setCookieChannel.publish(parsedCookie)
-            location = parsedCookie.location
-          }
-        })
+
+    this.addSub('datadog:http:server:response:set-header:finish',
+      ({ name, value, res }) => this._handleCookies(name, value, res))
+
+    this.addSub('datadog:fastify:set-header:finish',
+      ({ name, value, res }) => this._handleCookies(name, value, res))
+  }
+
+  _handleCookies (name, value, res) {
+    if (name.toLowerCase() === 'set-cookie') {
+      let allCookies = value
+      if (typeof value === 'string') {
+        allCookies = [value]
       }
-    })
+      const alreadyCheckedCookies = this._getAlreadyCheckedCookiesInResponse(res)
+
+      let location
+      allCookies.forEach(cookieString => {
+        if (!alreadyCheckedCookies.includes(cookieString)) {
+          alreadyCheckedCookies.push(cookieString)
+          const parsedCookie = this._parseCookie(cookieString, location)
+          setCookieChannel.publish(parsedCookie)
+          location = parsedCookie.location
+        }
+      })
+    }
   }
 
   _parseCookie (cookieString, location) {

package/packages/dd-trace/src/appsec/iast/analyzers/sql-injection-analyzer.js

@@ -18,31 +18,39 @@ class SqlInjectionAnalyzer extends StoredInjectionAnalyzer {
     this.addSub('datadog:mysql2:outerquery:start', ({ sql }) => this.analyze(sql, undefined, 'MYSQL'))
     this.addSub('apm:pg:query:start', ({ query }) => this.analyze(query.text, undefined, 'POSTGRES'))
 
-    this.addSub(
+    this.addBind(
       'datadog:sequelize:query:start',
       ({ sql, dialect }) => this.getStoreAndAnalyze(sql, dialect.toUpperCase())
     )
     this.addSub('datadog:sequelize:query:finish', () => this.returnToParentStore())
 
-    this.addSub('datadog:pg:pool:query:start', ({ query }) => this.getStoreAndAnalyze(query.text, 'POSTGRES'))
+    this.addSub('datadog:pg:pool:query:start', ({ query }) => this.setStoreAndAnalyze(query.text, 'POSTGRES'))
     this.addSub('datadog:pg:pool:query:finish', () => this.returnToParentStore())
 
-    this.addSub('datadog:mysql:pool:query:start', ({ sql }) => this.getStoreAndAnalyze(sql, 'MYSQL'))
+    this.addSub('datadog:mysql:pool:query:start', ({ sql }) => this.setStoreAndAnalyze(sql, 'MYSQL'))
     this.addSub('datadog:mysql:pool:query:finish', () => this.returnToParentStore())
 
     this.addSub('datadog:knex:raw:start', ({ sql, dialect: knexDialect }) => {
       const dialect = this.normalizeKnexDialect(knexDialect)
-      this.getStoreAndAnalyze(sql, dialect)
+      this.setStoreAndAnalyze(sql, dialect)
     })
     this.addSub('datadog:knex:raw:finish', () => this.returnToParentStore())
   }
 
+  setStoreAndAnalyze (query, dialect) {
+    const store = this.getStoreAndAnalyze(query, dialect)
+
+    if (store) {
+      storage('legacy').enterWith(store)
+    }
+  }
+
   getStoreAndAnalyze (query, dialect) {
     const parentStore = storage('legacy').getStore()
     if (parentStore) {
       this.analyze(query, parentStore, dialect)
 
-      storage('legacy').enterWith({ ...parentStore, sqlAnalyzed: true, sqlParentStore: parentStore })
+      return { ...parentStore, sqlAnalyzed: true, sqlParentStore: parentStore }
     }
   }
 

package/packages/dd-trace/src/appsec/iast/analyzers/unvalidated-redirect-analyzer.js

@@ -9,7 +9,10 @@ const {
   HTTP_REQUEST_PARAMETER
 } = require('../taint-tracking/source-types')
 
-const EXCLUDED_PATHS = getNodeModulesPaths('express/lib/response.js')
+const EXCLUDED_PATHS = [
+  getNodeModulesPaths('express/lib/response.js'),
+  getNodeModulesPaths('fastify/lib/reply.js'),
+]
 
 const VULNERABLE_SOURCE_TYPES = new Set([
   HTTP_REQUEST_BODY,
@@ -23,6 +26,7 @@ class UnvalidatedRedirectAnalyzer extends InjectionAnalyzer {
 
   onConfigure () {
     this.addSub('datadog:http:server:response:set-header:finish', ({ name, value }) => this.analyze(name, value))
+    this.addSub('datadog:fastify:set-header:finish', ({ name, value }) => this.analyze(name, value))
   }
 
   analyze (name, value) {

package/packages/dd-trace/src/appsec/iast/analyzers/xcontenttype-header-missing-analyzer.js

@@ -10,8 +10,8 @@ class XcontenttypeHeaderMissingAnalyzer extends MissingHeaderAnalyzer {
     super(XCONTENTTYPE_HEADER_MISSING, XCONTENTTYPEOPTIONS_HEADER_NAME)
   }
 
-  _isVulnerableFromRequestAndResponse (req, res) {
-    const headerValues = this._getHeaderValues(res, XCONTENTTYPEOPTIONS_HEADER_NAME)
+  _isVulnerableFromRequestAndResponse (req, res, storedHeaders) {
+    const headerValues = this._getHeaderValues(res, storedHeaders, XCONTENTTYPEOPTIONS_HEADER_NAME)
     return headerValues.length === 0 || headerValues.some(headerValue => headerValue.trim().toLowerCase() !== 'nosniff')
   }
 }

package/packages/dd-trace/src/appsec/iast/iast-plugin.js

@@ -47,6 +47,10 @@ class IastPluginSubscription {
   }
 
   matchesModuleInstrumented (name) {
+    // Remove node: prefix if present
+    if (name.startsWith('node:')) {
+      name = name.slice(5)
+    }
     // https module is a special case because it's events are published as http
     name = name === 'https' ? 'http' : name
     return this.moduleName === name

package/packages/dd-trace/src/appsec/iast/index.js

@@ -18,11 +18,12 @@ const { IAST_ENABLED_TAG_KEY } = require('./tags')
 const iastTelemetry = require('./telemetry')
 const { enable: enableFsPlugin, disable: disableFsPlugin, IAST_MODULE } = require('../rasp/fs-plugin')
 const securityControls = require('./security-controls')
+const { incomingHttpRequestStart, incomingHttpRequestEnd, responseWriteHead } = require('../channels')
+
+const collectedResponseHeaders = new WeakMap()
 
 // TODO Change to `apm:http:server:request:[start|close]` when the subscription
 //  order of the callbacks can be enforce
-const requestStart = dc.channel('dd-trace:incomingHttpRequestStart')
-const requestClose = dc.channel('dd-trace:incomingHttpRequestEnd')
 const iastResponseEnd = dc.channel('datadog:iast:response-end')
 let isEnabled = false
 
@@ -33,8 +34,9 @@ function enable (config, _tracer) {
   enableFsPlugin(IAST_MODULE)
   enableAllAnalyzers(config)
   enableTaintTracking(config.iast, iastTelemetry.verbosity)
-  requestStart.subscribe(onIncomingHttpRequestStart)
-  requestClose.subscribe(onIncomingHttpRequestEnd)
+  incomingHttpRequestStart.subscribe(onIncomingHttpRequestStart)
+  incomingHttpRequestEnd.subscribe(onIncomingHttpRequestEnd)
+  responseWriteHead.subscribe(onResponseWriteHeadCollect)
   overheadController.configure(config.iast)
   overheadController.startGlobalContext()
   securityControls.configure(config.iast)
@@ -53,8 +55,9 @@ function disable () {
   disableAllAnalyzers()
   disableTaintTracking()
   overheadController.finishGlobalContext()
-  if (requestStart.hasSubscribers) requestStart.unsubscribe(onIncomingHttpRequestStart)
-  if (requestClose.hasSubscribers) requestClose.unsubscribe(onIncomingHttpRequestEnd)
+  if (incomingHttpRequestStart.hasSubscribers) incomingHttpRequestStart.unsubscribe(onIncomingHttpRequestStart)
+  if (incomingHttpRequestEnd.hasSubscribers) incomingHttpRequestEnd.unsubscribe(onIncomingHttpRequestEnd)
+  if (responseWriteHead.hasSubscribers) responseWriteHead.unsubscribe(onResponseWriteHeadCollect)
   vulnerabilityReporter.stop()
 }
 
@@ -89,7 +92,13 @@ function onIncomingHttpRequestEnd (data) {
     const topContext = web.getContext(data.req)
     const iastContext = iastContextFunctions.getIastContext(store, topContext)
     if (iastContext?.rootSpan) {
-      iastResponseEnd.publish(data)
+      const storedHeaders = collectedResponseHeaders.get(data.res) || {}
+
+      iastResponseEnd.publish({ ...data, storedHeaders })
+
+      if (Object.keys(storedHeaders).length) {
+        collectedResponseHeaders.delete(data.res)
+      }
 
       const vulnerabilities = iastContext.vulnerabilities
       const rootSpan = iastContext.rootSpan
@@ -105,4 +114,13 @@ function onIncomingHttpRequestEnd (data) {
   }
 }
 
+// Response headers are collected here because they are not available in the onIncomingHttpRequestEnd when using Fastify
+function onResponseWriteHeadCollect ({ res, responseHeaders = {} }) {
+  if (!res) return
+
+  if (Object.keys(responseHeaders).length) {
+    collectedResponseHeaders.set(res, responseHeaders)
+  }
+}
+
 module.exports = { enable, disable, onIncomingHttpRequestEnd, onIncomingHttpRequestStart }

package/packages/dd-trace/src/appsec/iast/taint-tracking/plugin.js

@@ -38,6 +38,25 @@ class TaintTrackingPlugin extends SourceIastPlugin {
   }
 
   onConfigure () {
+    this.addBodyParsingSubscriptions()
+
+    this.addQueryParameterSubscriptions()
+
+    this.addCookieSubscriptions()
+
+    this.addDatabaseSubscriptions()
+
+    this.addPathParameterSubscriptions()
+
+    this.addGraphQLSubscriptions()
+
+    this.addURLParsingSubscriptions()
+
+    // this is a special case to increment INSTRUMENTED_SOURCE metric for header
+    this.addInstrumentedSource('http', [HTTP_REQUEST_HEADER_VALUE, HTTP_REQUEST_HEADER_NAME])
+  }
+
+  addBodyParsingSubscriptions () {
     const onRequestBody = ({ req }) => {
       const iastContext = getIastContext(storage('legacy').getStore())
       if (iastContext && iastContext.body !== req.body) {
@@ -57,17 +76,13 @@ class TaintTrackingPlugin extends SourceIastPlugin {
     )
 
     this.addSub(
-      { channelName: 'datadog:query:read:finish', tag: HTTP_REQUEST_PARAMETER },
-      ({ query }) => this._taintTrackingHandler(HTTP_REQUEST_PARAMETER, query)
-    )
-
-    this.addSub(
-      { channelName: 'datadog:express:query:finish', tag: HTTP_REQUEST_PARAMETER },
-      ({ query }) => {
+      { channelName: 'datadog:fastify:body-parser:finish', tag: HTTP_REQUEST_BODY },
+      ({ body }) => {
         const iastContext = getIastContext(storage('legacy').getStore())
-        if (!iastContext || !query) return
-
-        taintQueryWithCache(iastContext, query)
+        if (iastContext && iastContext.body !== body) {
+          this._taintTrackingHandler(HTTP_REQUEST_BODY, body)
+          iastContext.body = body
+        }
       }
     )
 
@@ -83,12 +98,45 @@ class TaintTrackingPlugin extends SourceIastPlugin {
         }
       }
     )
+  }
+
+  addQueryParameterSubscriptions () {
+    this.addSub(
+      { channelName: 'datadog:query:read:finish', tag: HTTP_REQUEST_PARAMETER },
+      ({ query }) => this._taintTrackingHandler(HTTP_REQUEST_PARAMETER, query)
+    )
+
+    this.addSub(
+      { channelName: 'datadog:fastify:query-params:finish', tag: HTTP_REQUEST_PARAMETER },
+      ({ query }) => {
+        this._taintTrackingHandler(HTTP_REQUEST_PARAMETER, query)
+      }
+    )
 
+    this.addSub(
+      { channelName: 'datadog:express:query:finish', tag: HTTP_REQUEST_PARAMETER },
+      ({ query }) => {
+        const iastContext = getIastContext(storage('legacy').getStore())
+        if (!iastContext || !query) return
+
+        taintQueryWithCache(iastContext, query)
+      }
+    )
+  }
+
+  addCookieSubscriptions () {
     this.addSub(
       { channelName: 'datadog:cookie:parse:finish', tag: [HTTP_REQUEST_COOKIE_VALUE, HTTP_REQUEST_COOKIE_NAME] },
       ({ cookies }) => this._cookiesTaintTrackingHandler(cookies)
     )
 
+    this.addSub(
+      { channelName: 'datadog:fastify-cookie:read:finish', tag: [HTTP_REQUEST_COOKIE_VALUE, HTTP_REQUEST_COOKIE_NAME] },
+      ({ cookies }) => this._cookiesTaintTrackingHandler(cookies)
+    )
+  }
+
+  addDatabaseSubscriptions () {
     this.addSub(
       { channelName: 'datadog:sequelize:query:finish', tag: SQL_ROW_VALUE },
       ({ result }) => this._taintDatabaseResult(result, 'sequelize')
@@ -98,25 +146,36 @@ class TaintTrackingPlugin extends SourceIastPlugin {
       { channelName: 'apm:pg:query:finish', tag: SQL_ROW_VALUE },
       ({ result }) => this._taintDatabaseResult(result, 'pg')
     )
+  }
+
+  addPathParameterSubscriptions () {
+    const pathParamHandler = ({ req }) => {
+      if (req && req.params !== null && typeof req.params === 'object') {
+        this._taintTrackingHandler(HTTP_REQUEST_PATH_PARAM, req, 'params')
+      }
+    }
 
     this.addSub(
       { channelName: 'datadog:express:process_params:start', tag: HTTP_REQUEST_PATH_PARAM },
-      ({ req }) => {
-        if (req && req.params !== null && typeof req.params === 'object') {
-          this._taintTrackingHandler(HTTP_REQUEST_PATH_PARAM, req, 'params')
-        }
-      }
+      pathParamHandler
     )
 
     this.addSub(
       { channelName: 'datadog:router:param:start', tag: HTTP_REQUEST_PATH_PARAM },
-      ({ req }) => {
-        if (req && req.params !== null && typeof req.params === 'object') {
-          this._taintTrackingHandler(HTTP_REQUEST_PATH_PARAM, req, 'params')
+      pathParamHandler
+    )
+
+    this.addSub(
+      { channelName: 'datadog:fastify:path-params:finish', tag: HTTP_REQUEST_PATH_PARAM },
+      ({ req, params }) => {
+        if (req) {
+          this._taintTrackingHandler(HTTP_REQUEST_PATH_PARAM, params)
         }
       }
     )
+  }
 
+  addGraphQLSubscriptions () {
     this.addSub(
       { channelName: 'apm:graphql:resolve:start', tag: HTTP_REQUEST_BODY },
       (data) => {
@@ -128,7 +187,9 @@ class TaintTrackingPlugin extends SourceIastPlugin {
         }
       }
     )
+  }
 
+  addURLParsingSubscriptions () {
     const urlResultTaintedProperties = ['host', 'origin', 'hostname']
     this.addSub(
       { channelName: 'datadog:url:parse:finish' },
@@ -162,9 +223,6 @@ class TaintTrackingPlugin extends SourceIastPlugin {
         context.result =
           newTaintedString(iastContext, context.result, origRange.iinfo.parameterName, origRange.iinfo.type)
       })
-
-    // this is a special case to increment INSTRUMENTED_SOURCE metric for header
-    this.addInstrumentedSource('http', [HTTP_REQUEST_HEADER_VALUE, HTTP_REQUEST_HEADER_NAME])
   }
 
   _taintTrackingHandler (type, target, property, iastContext = getIastContext(storage('legacy').getStore())) {

package/packages/dd-trace/src/appsec/iast/vulnerabilities-formatter/index.js

@@ -4,9 +4,7 @@ const sensitiveHandler = require('./evidence-redaction/sensitive-handler')
 const { stringifyWithRanges } = require('./utils')
 
 class VulnerabilityFormatter {
-  constructor () {
-    this._redactVulnearbilities = true
-  }
+  _redactVulnearbilities = true
 
   setRedactVulnerabilities (shouldRedactVulnerabilities, redactionNamePattern, redactionValuePattern) {
     this._redactVulnearbilities = shouldRedactVulnerabilities

package/packages/dd-trace/src/appsec/rasp/fs-plugin.js

@@ -35,10 +35,6 @@ class AppsecFsPlugin extends Plugin {
     this.addBind('apm:fs:operation:finish', this._onFsOperationFinishOrRenderEnd)
     this.addBind('tracing:datadog:express:response:render:start', this._onResponseRenderStart)
     this.addBind('tracing:datadog:express:response:render:end', this._onFsOperationFinishOrRenderEnd)
-    // TODO Remove this when dc-polyfill is fixed&updated
-    //  hack to node 18 and early 20.x
-    //  with dc-polyfill addBind is not enough to force a channel.hasSubscribers === true
-    this.addSub('tracing:datadog:express:response:render:start', () => {})
 
     super.configure(true)
   }

package/packages/dd-trace/src/datastreams/schemas/schema_builder.js

@@ -66,17 +66,13 @@ class SchemaBuilder {
 }
 
 class OpenApiSchema {
-  constructor () {
-    this.openapi = '3.0.0'
-    this.components = new OpenApiComponents()
-  }
+  openapi = '3.0.0'
+  components = new OpenApiComponents()
 }
 
 OpenApiSchema.SCHEMA = class {
-  constructor () {
-    this.type = 'object'
-    this.properties = {}
-  }
+  type = 'object'
+  properties = {}
 }
 
 OpenApiSchema.PROPERTY = class {

package/packages/dd-trace/src/datastreams/schemas/schema_sampler.js

@@ -3,10 +3,8 @@
 const SAMPLE_INTERVAL_MILLIS = 30 * 1000
 
 class SchemaSampler {
-  constructor () {
-    this.weight = 0
-    this.lastSampleMs = 0
-  }
+  weight = 0
+  lastSampleMs = 0
 
   trySample (currentTimeMs) {
     if (currentTimeMs >= this.lastSampleMs + SAMPLE_INTERVAL_MILLIS) {

package/packages/dd-trace/src/plugins/index.js

@@ -4,6 +4,7 @@ module.exports = {
   get '@apollo/gateway' () { return require('../../../datadog-plugin-apollo/src') },
   get '@aws-sdk/smithy-client' () { return require('../../../datadog-plugin-aws-sdk/src') },
   get '@azure/functions' () { return require('../../../datadog-plugin-azure-functions/src') },
+  get '@azure/service-bus' () { return require('../../../datadog-plugin-azure-service-bus/src') },
   get '@cucumber/cucumber' () { return require('../../../datadog-plugin-cucumber/src') },
   get '@playwright/test' () { return require('../../../datadog-plugin-playwright/src') },
   get '@elastic/elasticsearch' () { return require('../../../datadog-plugin-elasticsearch/src') },

package/packages/dd-trace/src/plugins/util/ci.js

@@ -86,6 +86,13 @@ function resolveTilde (filePath) {
   return filePath
 }
 
+function normalizeNumber (number) {
+  if (typeof number !== 'number') {
+    return number
+  }
+  return number.toString()
+}
+
 function getGitHubEventPayload () {
   if (!getEnvironmentVariable('GITHUB_EVENT_PATH')) {
     return
@@ -735,6 +742,7 @@ module.exports = {
     normalizeTag(tags, GIT_BRANCH, normalizeRef)
     normalizeTag(tags, GIT_TAG, normalizeRef)
     normalizeTag(tags, GIT_PULL_REQUEST_BASE_BRANCH, normalizeRef)
+    normalizeTag(tags, PR_NUMBER, normalizeNumber)
 
     return removeEmptyValues(tags)
   }