dd-trace 5.70.0 → 5.71.0

package/index.d.ts

@@ -168,6 +168,7 @@ interface Plugins {
   "aerospike": tracer.plugins.aerospike;
   "amqp10": tracer.plugins.amqp10;
   "amqplib": tracer.plugins.amqplib;
+  "anthropic": tracer.plugins.anthropic;
   "apollo": tracer.plugins.apollo;
   "avsc": tracer.plugins.avsc;
   "aws-sdk": tracer.plugins.aws_sdk;
@@ -785,6 +786,8 @@ declare namespace tracer {
 
         /** Whether to enable request body collection on RASP event
          * @default false
+         *
+         * @deprecated Use UI and Remote Configuration to enable extended data collection
          */
         bodyCollection?: boolean
       },
@@ -809,20 +812,28 @@ declare namespace tracer {
       },
       /**
        * Configuration for extended headers collection tied to security events
+       *
+       * @deprecated Use UI and Remote Configuration to enable extended data collection
        */
       extendedHeadersCollection?: {
         /** Whether to enable extended headers collection
          * @default false
+         *
+         * @deprecated Use UI and Remote Configuration to enable extended data collection
          */
         enabled: boolean,
 
         /** Whether to redact collected headers
          * @default true
+         *
+         * @deprecated Use UI and Remote Configuration to enable extended data collection
          */
         redaction: boolean,
 
         /** Specifies the maximum number of headers collected.
          * @default 50
+         *
+         * @deprecated Use UI and Remote Configuration to enable extended data collection
          */
         maxHeaders: number,
       }
@@ -1530,6 +1541,12 @@ declare namespace tracer {
      */
     interface amqplib extends Instrumentation {}
 
+    /**
+     * This plugin automatically instruments the
+     * [anthropic](https://www.npmjs.com/package/@anthropic-ai/sdk) module.
+     */
+    interface anthropic extends Instrumentation {}
+
     /**
      * Currently this plugin automatically instruments
      * [@apollo/gateway](https://github.com/apollographql/federation) for module versions >= v2.3.0.

package/initialize.mjs

@@ -36,7 +36,13 @@ ${result.source}`
 const [NODE_MAJOR, NODE_MINOR] = process.versions.node.split('.').map(Number)
 
 const brokenLoaders = NODE_MAJOR === 18 && NODE_MINOR === 0
-const iitmExclusions = [/langsmith/, /openai\/_shims/, /openai\/resources\/chat\/completions\/messages/, /openai\/agents-core\/dist\/shims/]
+const iitmExclusions = [
+  /langsmith/,
+  /openai\/_shims/,
+  /openai\/resources\/chat\/completions\/messages/,
+  /openai\/agents-core\/dist\/shims/,
+  /@anthropic-ai\/sdk\/_shims/
+]
 
 export async function load (url, context, nextLoad) {
   const iitmExclusionsMatch = iitmExclusions.some((exclusion) => exclusion.test(url))

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "dd-trace",
-  "version": "5.70.0",
+  "version": "5.71.0",
   "description": "Datadog APM tracing client for JavaScript",
   "main": "index.js",
   "typings": "index.d.ts",

package/packages/datadog-instrumentations/src/anthropic.js

@@ -0,0 +1,115 @@
+'use strict'
+
+const { addHook } = require('./helpers/instrument')
+const shimmer = require('../../datadog-shimmer')
+const { channel, tracingChannel } = require('dc-polyfill')
+
+const anthropicTracingChannel = tracingChannel('apm:anthropic:request')
+const onStreamedChunkCh = channel('apm:anthropic:request:chunk')
+
+function wrapStreamIterator (iterator, ctx) {
+  return function () {
+    const itr = iterator.apply(this, arguments)
+    shimmer.wrap(itr, 'next', next => function () {
+      return next.apply(this, arguments)
+        .then(res => {
+          const { done, value: chunk } = res
+          onStreamedChunkCh.publish({ ctx, chunk, done })
+
+          if (done) {
+            finish(ctx)
+          }
+
+          return res
+        })
+        .catch(error => {
+          finish(ctx, null, error)
+          throw error
+        })
+    })
+
+    return itr
+  }
+}
+
+function wrapCreate (create) {
+  return function () {
+    if (!anthropicTracingChannel.start.hasSubscribers) {
+      return create.apply(this, arguments)
+    }
+
+    const options = arguments[0]
+    const stream = options.stream
+
+    const ctx = { options, resource: 'create' }
+
+    return anthropicTracingChannel.start.runStores(ctx, () => {
+      let apiPromise
+      try {
+        apiPromise = create.apply(this, arguments)
+      } catch (error) {
+        finish(ctx, null, error)
+        throw error
+      }
+
+      shimmer.wrap(apiPromise, 'parse', parse => function () {
+        return parse.apply(this, arguments)
+          .then(response => {
+            if (stream) {
+              shimmer.wrap(response, Symbol.asyncIterator, iterator => wrapStreamIterator(iterator, ctx))
+            } else {
+              finish(ctx, response, null)
+            }
+
+            return response
+          }).catch(error => {
+            finish(ctx, null, error)
+            throw error
+          })
+      })
+
+      anthropicTracingChannel.end.publish(ctx)
+
+      return apiPromise
+    })
+  }
+}
+
+function finish (ctx, result, error) {
+  if (error) {
+    ctx.error = error
+    anthropicTracingChannel.error.publish(ctx)
+  }
+
+  // streamed responses are handled and set separately
+  ctx.result ??= result
+
+  anthropicTracingChannel.asyncEnd.publish(ctx)
+}
+
+const extensions = ['js', 'mjs']
+for (const extension of extensions) {
+  addHook({
+    name: '@anthropic-ai/sdk',
+    file: `resources/messages.${extension}`,
+    versions: ['>=0.14.0 <0.33.0']
+  }, exports => {
+    const Messages = exports.Messages
+
+    shimmer.wrap(Messages.prototype, 'create', wrapCreate)
+
+    return exports
+  })
+
+  addHook({
+    name: '@anthropic-ai/sdk',
+    file: `resources/messages/messages.${extension}`,
+    versions: ['>=0.33.0']
+  }, exports => {
+    const Messages = exports.Messages
+
+    shimmer.wrap(Messages.prototype, 'create', wrapCreate)
+
+    return exports
+  })
+}

package/packages/datadog-instrumentations/src/helpers/hooks.js

@@ -1,6 +1,7 @@
 'use strict'
 
 module.exports = {
+  '@anthropic-ai/sdk': { esmFirst: true, fn: () => require('../anthropic') },
   '@apollo/server': () => require('../apollo-server'),
   '@apollo/gateway': () => require('../apollo'),
   'apollo-server-core': () => require('../apollo-server-core'),

package/packages/datadog-plugin-anthropic/src/index.js

@@ -0,0 +1,17 @@
+'use strict'
+
+const CompositePlugin = require('../../dd-trace/src/plugins/composite')
+const AnthropicTracingPlugin = require('./tracing')
+const AnthropicLLMObsPlugin = require('../../dd-trace/src/llmobs/plugins/anthropic')
+
+class AnthropicPlugin extends CompositePlugin {
+  static id = 'anthropic'
+  static get plugins () {
+    return {
+      llmobs: AnthropicLLMObsPlugin,
+      tracing: AnthropicTracingPlugin
+    }
+  }
+}
+
+module.exports = AnthropicPlugin

package/packages/datadog-plugin-anthropic/src/tracing.js

@@ -0,0 +1,30 @@
+'use strict'
+
+const TracingPlugin = require('../../dd-trace/src/plugins/tracing')
+
+class AnthropicTracingPlugin extends TracingPlugin {
+  static id = 'anthropic'
+  static operation = 'request'
+  static system = 'anthropic'
+  static prefix = 'tracing:apm:anthropic:request'
+
+  bindStart (ctx) {
+    const { resource, options } = ctx
+
+    this.startSpan('anthropic.request', {
+      meta: {
+        'resource.name': `Messages.${resource}`,
+        'anthropic.request.model': options.model
+      }
+    }, ctx)
+
+    return ctx.currentStore
+  }
+
+  asyncEnd (ctx) {
+    const span = ctx.currentStore?.span
+    span?.finish()
+  }
+}
+
+module.exports = AnthropicTracingPlugin

package/packages/dd-trace/src/appsec/reporter.js

@@ -38,14 +38,20 @@ const config = {
 
 const metricsQueue = new Map()
 
+const extendedDataCollectionRequest = new WeakMap()
+
 // following header lists are ordered in the same way the spec orders them, it doesn't matter but it's easier to compare
 const contentHeaderList = [
   'content-length',
-  'content-type',
   'content-encoding',
   'content-language'
 ]
 
+const responseHeaderList = [
+  ...contentHeaderList,
+  'content-type'
+]
+
 const identificationHeaders = [
   'x-amzn-trace-id',
   'cloudfront-viewer-ja3-fingerprint',
@@ -75,15 +81,27 @@ const requestHeadersList = [
   ...identificationHeaders
 ]
 
+const redactedHeadersList = [
+  'authorization',
+  'proxy-authorization',
+  'www-authenticate',
+  'proxy-authenticate',
+  'authentication-info',
+  'proxy-authentication-info',
+  'cookie',
+  'set-cookie'
+]
+
 // these request headers are always collected - it breaks the expected spec orders
 const REQUEST_HEADERS_MAP = mapHeaderAndTags(requestHeadersList, REQUEST_HEADER_TAG_PREFIX)
 
 const EVENT_HEADERS_MAP = mapHeaderAndTags(eventHeadersList, REQUEST_HEADER_TAG_PREFIX)
 
-const RESPONSE_HEADERS_MAP = mapHeaderAndTags(contentHeaderList, RESPONSE_HEADER_TAG_PREFIX)
+const RESPONSE_HEADERS_MAP = mapHeaderAndTags(responseHeaderList, RESPONSE_HEADER_TAG_PREFIX)
 
 const NON_EXTENDED_REQUEST_HEADERS = new Set([...requestHeadersList, ...eventHeadersList])
-const NON_EXTENDED_RESPONSE_HEADERS = new Set(contentHeaderList)
+const NON_EXTENDED_RESPONSE_HEADERS = new Set(responseHeaderList)
+const REDACTED_HEADERS = new Set(redactedHeadersList)
 
 function init (_config) {
   config.headersExtendedCollectionEnabled = _config.extendedHeadersCollection.enabled
@@ -132,7 +150,9 @@ function filterExtendedHeaders (headers, excludedHeaderNames, tagPrefix, limit =
   for (const [headerName, headerValue] of Object.entries(headers)) {
     if (counter >= limit) break
     if (!excludedHeaderNames.has(headerName)) {
-      result[getHeaderTag(tagPrefix, headerName)] = String(headerValue)
+      result[getHeaderTag(tagPrefix, headerName)] = REDACTED_HEADERS.has(headerName)
+        ? '<redacted>'
+        : String(headerValue)
       counter++
     }
   }
@@ -140,7 +160,7 @@ function filterExtendedHeaders (headers, excludedHeaderNames, tagPrefix, limit =
   return result
 }
 
-function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedResponseHeaders = {}) {
+function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedResponseHeaders = {}, extendedDataCollection) {
   // Mandatory
   const mandatoryCollectedHeaders = filterHeaders(req.headers, REQUEST_HEADERS_MAP)
 
@@ -154,7 +174,8 @@ function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedRespons
   const requestEventCollectedHeaders = filterHeaders(req.headers, EVENT_HEADERS_MAP)
   const responseEventCollectedHeaders = filterHeaders(responseHeaders, RESPONSE_HEADERS_MAP)
 
-  if (!config.headersExtendedCollectionEnabled || config.headersRedaction) {
+  // TODO headersExtendedCollectionEnabled and headersRedaction properties are deprecated to delete in a major
+  if ((!config.headersExtendedCollectionEnabled || config.headersRedaction) && !extendedDataCollection) {
     // Standard collection
     return Object.assign(
       mandatoryCollectedHeaders,
@@ -163,12 +184,15 @@ function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedRespons
     )
   }
 
+  // TODO config.maxHeadersCollected is deprecated to delete in a major
+  const maxHeadersCollected = extendedDataCollection?.max_collected_headers ?? config.maxHeadersCollected
+
   // Extended collection
-  const requestExtendedHeadersAvailableCount =
-    config.maxHeadersCollected -
-    Object.keys(mandatoryCollectedHeaders).length -
+  const collectedHeadersCount = Object.keys(mandatoryCollectedHeaders).length +
     Object.keys(requestEventCollectedHeaders).length
 
+  const requestExtendedHeadersAvailableCount = maxHeadersCollected - collectedHeadersCount
+
   const requestEventExtendedCollectedHeaders =
     filterExtendedHeaders(
       req.headers,
@@ -178,7 +202,7 @@ function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedRespons
     )
 
   const responseExtendedHeadersAvailableCount =
-    config.maxHeadersCollected -
+    maxHeadersCollected -
     Object.keys(responseEventCollectedHeaders).length
 
   const responseEventExtendedCollectedHeaders =
@@ -199,15 +223,15 @@ function getCollectedHeaders (req, res, shouldCollectEventHeaders, storedRespons
 
   // Check discarded headers
   const requestHeadersCount = Object.keys(req.headers).length
-  if (requestHeadersCount > config.maxHeadersCollected) {
+  if (requestHeadersCount > maxHeadersCollected) {
     headersTags['_dd.appsec.request.header_collection.discarded'] =
-      requestHeadersCount - config.maxHeadersCollected
+      requestHeadersCount - maxHeadersCollected
   }
 
   const responseHeadersCount = Object.keys(responseHeaders).length
-  if (responseHeadersCount > config.maxHeadersCollected) {
+  if (responseHeadersCount > maxHeadersCollected) {
     headersTags['_dd.appsec.response.header_collection.discarded'] =
-      responseHeadersCount - config.maxHeadersCollected
+      responseHeadersCount - maxHeadersCollected
   }
 
   return headersTags
@@ -307,7 +331,7 @@ function reportTruncationMetrics (rootSpan, metrics) {
   }
 }
 
-function reportAttack (attackData) {
+function reportAttack ({ events: attackData, actions }) {
   const store = storage('legacy').getStore()
   const req = store?.req
   const rootSpan = web.root(req)
@@ -338,8 +362,14 @@ function reportAttack (attackData) {
 
   rootSpan.addTags(newTags)
 
+  // TODO this should be deleted in a major
   if (config.raspBodyCollection && isRaspAttack(attackData)) {
-    reportRequestBody(rootSpan, req.body)
+    reportRequestBody(rootSpan, req.body, true)
+  }
+
+  const extendedDataCollection = actions?.extended_data_collection
+  if (extendedDataCollection) {
+    extendedDataCollectionRequest.set(req, extendedDataCollection)
   }
 }
 
@@ -398,18 +428,29 @@ function truncateRequestBody (target, depth = 0) {
   }
 }
 
-function reportRequestBody (rootSpan, requestBody) {
-  if (!requestBody) return
+function reportRequestBody (rootSpan, requestBody, comesFromRaspAction = false) {
+  if (!requestBody || Object.keys(requestBody).length === 0) return
 
   if (!rootSpan.meta_struct) {
     rootSpan.meta_struct = {}
   }
 
-  if (!rootSpan.meta_struct['http.request.body']) {
+  if (rootSpan.meta_struct['http.request.body']) {
+    // If the rasp.exceed metric exists, set also the same for the new tag
+    const currentTags = rootSpan.context()._tags
+    const sizeExceedTagValue = currentTags['_dd.appsec.rasp.request_body_size.exceeded']
+
+    if (sizeExceedTagValue) {
+      rootSpan.setTag('_dd.appsec.request_body_size.exceeded', sizeExceedTagValue)
+    }
+  } else {
     const { truncated, value } = truncateRequestBody(requestBody)
     rootSpan.meta_struct['http.request.body'] = value
     if (truncated) {
-      rootSpan.setTag('_dd.appsec.rasp.request_body_size.exceeded', 'true')
+      const sizeExceedTagKey = comesFromRaspAction
+        ? '_dd.appsec.rasp.request_body_size.exceeded' // TODO old metric to delete in a major
+        : '_dd.appsec.request_body_size.exceeded'
+      rootSpan.setTag(sizeExceedTagKey, 'true')
     }
   }
 }
@@ -496,7 +537,15 @@ function finishRequest (req, res, storedResponseHeaders) {
 
   const tags = rootSpan.context()._tags
 
-  const newTags = getCollectedHeaders(req, res, shouldCollectEventHeaders(tags), storedResponseHeaders)
+  const extendedDataCollection = extendedDataCollectionRequest.get(req)
+  const newTags = getCollectedHeaders(
+    req, res, shouldCollectEventHeaders(tags), storedResponseHeaders, extendedDataCollection
+  )
+
+  if (extendedDataCollection) {
+    // TODO add support for fastify, req.body is not available in fastify
+    reportRequestBody(rootSpan, req.body)
+  }
 
   if (tags['appsec.event'] === 'true' && typeof req.route?.path === 'string') {
     newTags['http.endpoint'] = req.route.path

package/packages/dd-trace/src/appsec/waf/waf_context_wrapper.js

@@ -141,7 +141,7 @@ class WAFContextWrapper {
       metrics.wafTimeout = result.timeout
 
       if (ruleTriggered) {
-        Reporter.reportAttack(result.events)
+        Reporter.reportAttack(result)
       }
 
       Reporter.reportAttributes(result.attributes)

package/packages/dd-trace/src/config.js

@@ -668,6 +668,7 @@ class Config {
     this._envUnprocessed['appsec.blockedTemplateJson'] = DD_APPSEC_HTTP_BLOCKED_TEMPLATE_JSON
     this._setBoolean(env, 'appsec.enabled', DD_APPSEC_ENABLED)
     this._setString(env, 'appsec.eventTracking.mode', DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE)
+    // TODO appsec.extendedHeadersCollection are deprecated, to delete in a major
     this._setBoolean(env, 'appsec.extendedHeadersCollection.enabled', DD_APPSEC_COLLECT_ALL_HEADERS)
     this._setBoolean(
       env,
@@ -679,6 +680,7 @@ class Config {
     this._setString(env, 'appsec.obfuscatorKeyRegex', DD_APPSEC_OBFUSCATION_PARAMETER_KEY_REGEXP)
     this._setString(env, 'appsec.obfuscatorValueRegex', DD_APPSEC_OBFUSCATION_PARAMETER_VALUE_REGEXP)
     this._setBoolean(env, 'appsec.rasp.enabled', DD_APPSEC_RASP_ENABLED)
+    // TODO Deprecated, to delete in a major
     this._setBoolean(env, 'appsec.rasp.bodyCollection', DD_APPSEC_RASP_COLLECT_REQUEST_BODY)
     env['appsec.rateLimit'] = maybeInt(DD_APPSEC_TRACE_RATE_LIMIT)
     this._envUnprocessed['appsec.rateLimit'] = DD_APPSEC_TRACE_RATE_LIMIT

package/packages/dd-trace/src/config_defaults.js

@@ -36,12 +36,14 @@ module.exports = {
   'appsec.blockedTemplateJson': undefined,
   'appsec.enabled': undefined,
   'appsec.eventTracking.mode': 'identification',
+  // TODO appsec.extendedHeadersCollection is deprecated, to delete in a major
   'appsec.extendedHeadersCollection.enabled': false,
   'appsec.extendedHeadersCollection.redaction': true,
   'appsec.extendedHeadersCollection.maxHeaders': 50,
   'appsec.obfuscatorKeyRegex': defaultWafObfuscatorKeyRegex,
   'appsec.obfuscatorValueRegex': defaultWafObfuscatorValueRegex,
   'appsec.rasp.enabled': true,
+  // TODO Deprecated, to delete in a major
   'appsec.rasp.bodyCollection': false,
   'appsec.rateLimit': 100,
   'appsec.rules': undefined,

package/packages/dd-trace/src/llmobs/plugins/anthropic.js

@@ -0,0 +1,282 @@
+'use strict'
+
+const LLMObsPlugin = require('./base')
+
+const ALLOWED_METADATA_KEYS = new Set([
+  'max_tokens',
+  'stop_sequences',
+  'temperature',
+  'top_k',
+  'top_p',
+])
+
+class AnthropicLLMObsPlugin extends LLMObsPlugin {
+  static integration = 'anthropic' // used for llmobs telemetry
+  static id = 'anthropic'
+  static prefix = 'tracing:apm:anthropic:request'
+
+  constructor () {
+    super(...arguments)
+
+    this.addSub('apm:anthropic:request:chunk', ({ ctx, chunk, done }) => {
+      ctx.chunks ??= []
+      const chunks = ctx.chunks
+      if (chunk) chunks.push(chunk)
+
+      if (!done) return
+
+      const response = { content: [] }
+
+      for (const chunk of chunks) {
+        switch (chunk.type) {
+          case 'message_start': {
+            const { message } = chunk
+            if (!message) continue
+
+            const { role, usage } = message
+            if (role) response.role = role
+            if (usage) response.usage = usage
+            break
+          }
+          case 'content_block_start': {
+            const contentBlock = chunk.content_block
+            if (!contentBlock) continue
+
+            const { type } = contentBlock
+            if (type === 'text') {
+              response.content.push({ type, text: contentBlock.text })
+            } else if (type === 'tool_use') {
+              response.content.push({ type, name: contentBlock.name, input: '', id: contentBlock.id })
+            }
+            break
+          }
+          case 'content_block_delta': {
+            const { delta } = chunk
+            if (!delta) continue
+
+            const { text } = delta
+            if (text) response.content[response.content.length - 1].text += text
+
+            const partialJson = delta.partial_json
+            if (partialJson && delta.type === 'input_json_delta') {
+              response.content[response.content.length - 1].input += partialJson
+            }
+            break
+          }
+          case 'content_block_stop': {
+            const type = response.content[response.content.length - 1].type
+            if (type === 'tool_use') {
+              const input = response.content[response.content.length - 1].input ?? '{}'
+              response.content[response.content.length - 1].input = JSON.parse(input)
+            }
+            break
+          }
+          case 'message_delta': {
+            const { delta } = chunk
+
+            const finishReason = delta?.stop_reason
+            if (finishReason) response.finish_reason = finishReason
+
+            const { usage } = chunk
+            if (usage) {
+              const responseUsage = response.usage ?? (response.usage = { input_tokens: 0, output_tokens: 0 })
+              responseUsage.output_tokens = usage.output_tokens
+
+              const cacheCreationTokens = usage.cache_creation_input_tokens
+              const cacheReadTokens = usage.cache_read_input_tokens
+              if (cacheCreationTokens) responseUsage.cache_creation_input_tokens = cacheCreationTokens
+              if (cacheReadTokens) responseUsage.cache_read_input_tokens = cacheReadTokens
+            }
+
+            break
+          }
+          case 'error': {
+            const { error } = chunk
+            if (!error) continue
+
+            response.error = {}
+            if (error.type) response.error.type = error.type
+            if (error.message) response.error.message = error.message
+
+            break
+          }
+        }
+
+        ctx.result = response
+      }
+    })
+  }
+
+  getLLMObsSpanRegisterOptions (ctx) {
+    const { options } = ctx
+    const { model } = options
+
+    return {
+      kind: 'llm',
+      modelName: model,
+      modelProvider: 'anthropic'
+    }
+  }
+
+  setLLMObsTags (ctx) {
+    const span = ctx.currentStore?.span
+    if (!span) return
+
+    const { options, result } = ctx
+
+    this.#tagAnthropicInputMessages(span, options)
+    this.#tagAnthropicOutputMessages(span, result)
+    this.#tagAnthropicMetadata(span, options)
+    this.#tagAnthropicUsage(span, result)
+  }
+
+  #tagAnthropicInputMessages (span, options) {
+    const { system, messages } = options
+    const inputMessages = []
+
+    if (system) {
+      messages.unshift({ content: system, role: 'system' })
+    }
+
+    for (const message of messages) {
+      const { content, role } = message
+
+      if (typeof content === 'string') {
+        inputMessages.push({ content, role })
+        continue
+      }
+
+      for (const block of content) {
+        if (block.type === 'text') {
+          inputMessages.push({ content: block.text, role })
+        } else if (block.type === 'image') {
+          inputMessages.push({ content: '([IMAGE DETECTED])', role })
+        } else if (block.type === 'tool_use') {
+          const { text, name, id, type } = block
+          let input = block.input
+          if (typeof input === 'string') {
+            input = JSON.parse(input)
+          }
+
+          const toolCall = {
+            name,
+            arguments: input,
+            toolId: id,
+            type
+          }
+
+          inputMessages.push({ content: text ?? '', role, toolCalls: [toolCall] })
+        } else if (block.type === 'tool_result') {
+          const { content } = block
+          const formattedContent = this.#formatAnthropicToolResultContent(content)
+          const toolResult = {
+            result: formattedContent,
+            toolId: block.tool_use_id,
+            type: 'tool_result'
+          }
+
+          inputMessages.push({ content: '', role, toolResults: [toolResult] })
+        } else {
+          inputMessages.push({ content: JSON.stringify(block), role })
+        }
+      }
+    }
+
+    this._tagger.tagLLMIO(span, inputMessages)
+  }
+
+  #tagAnthropicOutputMessages (span, result) {
+    if (!result) return
+
+    const { content, role } = result
+
+    if (typeof content === 'string') {
+      this._tagger.tagLLMIO(span, null, [{ content, role }])
+      return
+    }
+
+    const outputMessages = []
+    for (const block of content) {
+      const { text } = block
+      if (typeof text === 'string') {
+        outputMessages.push({ content: text, role })
+      } else if (block.type === 'tool_use') {
+        let input = block.input
+        if (typeof input === 'string') {
+          input = JSON.parse(input)
+        }
+
+        const toolCall = {
+          name: block.name,
+          arguments: input,
+          toolId: block.id,
+          type: block.type
+        }
+
+        outputMessages.push({ content: text ?? '', role, toolCalls: [toolCall] })
+      }
+    }
+
+    this._tagger.tagLLMIO(span, null, outputMessages)
+  }
+
+  #tagAnthropicMetadata (span, options) {
+    const metadata = {}
+    for (const [key, value] of Object.entries(options)) {
+      if (ALLOWED_METADATA_KEYS.has(key)) {
+        metadata[key] = value
+      }
+    }
+
+    this._tagger.tagMetadata(span, metadata)
+  }
+
+  #tagAnthropicUsage (span, result) {
+    if (!result) return
+
+    const { usage } = result
+    if (!usage) return
+
+    const inputTokens = usage.input_tokens
+    const outputTokens = usage.output_tokens
+    const cacheWriteTokens = usage.cache_creation_input_tokens
+    const cacheReadTokens = usage.cache_read_input_tokens
+
+    const metrics = {}
+
+    metrics.inputTokens =
+      (inputTokens ?? 0) +
+      (cacheWriteTokens ?? 0) +
+      (cacheReadTokens ?? 0)
+
+    if (outputTokens) metrics.outputTokens = outputTokens
+    const totalTokens = metrics.inputTokens + (outputTokens ?? 0)
+    if (totalTokens) metrics.totalTokens = totalTokens
+
+    if (cacheWriteTokens != null) metrics.cacheWriteTokens = cacheWriteTokens
+    if (cacheReadTokens != null) metrics.cacheReadTokens = cacheReadTokens
+
+    this._tagger.tagMetrics(span, metrics)
+  }
+
+  // maybe can make into a util file
+  #formatAnthropicToolResultContent (content) {
+    if (typeof content === 'string') {
+      return content
+    } else if (Array.isArray(content)) {
+      const formattedContent = []
+      for (const toolResultBlock of content) {
+        if (toolResultBlock.text) {
+          formattedContent.push(toolResultBlock.text)
+        } else if (toolResultBlock.type === 'image') {
+          formattedContent.push('([IMAGE DETECTED])')
+        }
+      }
+
+      return formattedContent.join(',')
+    }
+    return JSON.stringify(content)
+  }
+}
+
+module.exports = AnthropicLLMObsPlugin

package/packages/dd-trace/src/llmobs/tagger.js

@@ -268,6 +268,32 @@ class LLMObsTagger {
     return filteredToolCalls
   }
 
+  #filterToolResults (toolResults) {
+    if (!Array.isArray(toolResults)) {
+      toolResults = [toolResults]
+    }
+
+    const filteredToolResults = []
+    for (const toolResult of toolResults) {
+      if (typeof toolResult !== 'object') {
+        this.#handleFailure('Tool result must be an object.', 'invalid_io_messages')
+        continue
+      }
+
+      const { result, toolId, type } = toolResult
+      const toolResultObj = {}
+
+      const condition1 = this.#tagConditionalString(result, 'Tool result', toolResultObj, 'result')
+      const condition2 = this.#tagConditionalString(toolId, 'Tool ID', toolResultObj, 'tool_id')
+      const condition3 = this.#tagConditionalString(type, 'Tool type', toolResultObj, 'type')
+
+      if (condition1 && condition2 && condition3) {
+        filteredToolResults.push(toolResultObj)
+      }
+    }
+    return filteredToolResults
+  }
+
   #tagMessages (span, data, key) {
     if (!data) {
       return
@@ -290,6 +316,7 @@ class LLMObsTagger {
 
       const { content = '', role } = message
       const toolCalls = message.toolCalls
+      const toolResults = message.toolResults
       const toolId = message.toolId
       const messageObj = { content }
 
@@ -308,6 +335,14 @@ class LLMObsTagger {
         }
       }
 
+      if (toolResults) {
+        const filteredToolResults = this.#filterToolResults(toolResults)
+
+        if (filteredToolResults.length) {
+          messageObj.tool_results = filteredToolResults
+        }
+      }
+
       if (toolId) {
         if (role === 'tool') {
           condition = this.#tagConditionalString(toolId, 'Tool ID', messageObj, 'tool_id')

package/packages/dd-trace/src/plugins/index.js

@@ -1,6 +1,7 @@
 'use strict'
 
 module.exports = {
+  get '@anthropic-ai/sdk' () { return require('../../../datadog-plugin-anthropic/src') },
   get '@apollo/gateway' () { return require('../../../datadog-plugin-apollo/src') },
   get '@aws-sdk/smithy-client' () { return require('../../../datadog-plugin-aws-sdk/src') },
   get '@azure/functions' () { return require('../../../datadog-plugin-azure-functions/src') },

package/packages/dd-trace/src/remote_config/capabilities.js

@@ -31,6 +31,7 @@ module.exports = {
   ASM_RASP_CMDI: 1n << 37n,
   ASM_DD_MULTICONFIG: 1n << 42n,
   ASM_TRACE_TAGGING_RULES: 1n << 43n,
+  ASM_EXTENDED_DATA_COLLECTION: 1n << 44n,
   /*
     DO NOT ADD ARBITRARY CAPABILITIES IN YOUR CODE
     UNLESS THEY ARE ALREADY DEFINED IN THE BACKEND SOURCE OF TRUTH

package/packages/dd-trace/src/remote_config/index.js

@@ -96,6 +96,7 @@ function enableWafUpdate (appsecConfig) {
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_HEADER_FINGERPRINT, true)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_DD_MULTICONFIG, true)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_TRACE_TAGGING_RULES, true)
+    rc.updateCapabilities(RemoteConfigCapabilities.ASM_EXTENDED_DATA_COLLECTION, true)
 
     if (appsecConfig.rasp?.enabled) {
       rc.updateCapabilities(RemoteConfigCapabilities.ASM_RASP_SQLI, true)
@@ -134,6 +135,7 @@ function disableWafUpdate () {
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_HEADER_FINGERPRINT, false)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_DD_MULTICONFIG, false)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_TRACE_TAGGING_RULES, false)
+    rc.updateCapabilities(RemoteConfigCapabilities.ASM_EXTENDED_DATA_COLLECTION, false)
 
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_RASP_SQLI, false)
     rc.updateCapabilities(RemoteConfigCapabilities.ASM_RASP_SSRF, false)

package/packages/dd-trace/src/supported-configurations.json

@@ -176,6 +176,7 @@
     "DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED": ["A"],
     "DD_TRACE_AEROSPIKE_ENABLED": ["A"],
     "DD_TRACE_AI_ENABLED": ["A"],
+    "DD_TRACE_ANTHROPIC_ENABLED": ["A"],
     "DD_TRACE_AGENT_PORT": ["A"],
     "DD_TRACE_AGENT_PROTOCOL_VERSION": ["A"],
     "DD_TRACE_AGENT_URL": ["A"],

package/register.js

@@ -6,5 +6,13 @@ const { register } = require('node:module')
 const { pathToFileURL } = require('node:url')
 
 register('./loader-hook.mjs', pathToFileURL(__filename), {
-  data: { exclude: [/langsmith/, /openai\/_shims/, /openai\/resources\/chat\/completions\/messages/, /openai\/agents-core\/dist\/shims/] }
+  data: {
+    exclude: [
+      /langsmith/,
+      /openai\/_shims/,
+      /openai\/resources\/chat\/completions\/messages/,
+      /openai\/agents-core\/dist\/shims/,
+      /@anthropic-ai\/sdk\/_shims/
+    ]
+  }
 })