dd-trace 5.97.0 → 5.99.0

package/packages/datadog-plugin-mocha/src/index.js

@@ -5,7 +5,6 @@ const realDateNow = Date.now.bind(Date)
 
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 const { storage } = require('../../datadog-core')
-const { getValueFromEnvSources } = require('../../dd-trace/src/config/helper')
 
 const {
   TEST_STATUS,
@@ -406,7 +405,7 @@ class MochaPlugin extends CiPlugin {
         finishAllTraceSpans(this.testSessionSpan)
         this.telemetry.count(TELEMETRY_TEST_SESSION, {
           provider: this.ciProviderName,
-          autoInjected: !!getValueFromEnvSources('DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER'),
+          autoInjected: !!this._tracerConfig.DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER,
         })
       }
       this.libraryConfig = null

package/packages/datadog-plugin-modelcontextprotocol-sdk/src/index.js

@@ -0,0 +1,24 @@
+'use strict'
+
+const CompositePlugin = require('../../dd-trace/src/plugins/composite')
+const mcpLLMObsPlugins = require('../../dd-trace/src/llmobs/plugins/modelcontextprotocol-sdk')
+const tracingPlugins = require('./tracing')
+
+const plugins = {}
+
+// CRITICAL: LLMObs plugins MUST come first
+for (const Plugin of mcpLLMObsPlugins) {
+  plugins[Plugin.id] = Plugin
+}
+
+// Tracing plugins second
+for (const Plugin of tracingPlugins) {
+  plugins[Plugin.id] = Plugin
+}
+
+class ModelcontextprotocolSdkPlugin extends CompositePlugin {
+  static id = 'modelcontextprotocol-sdk'
+  static plugins = plugins
+}
+
+module.exports = ModelcontextprotocolSdkPlugin

package/packages/datadog-plugin-modelcontextprotocol-sdk/src/tracing.js

@@ -0,0 +1,55 @@
+'use strict'
+
+const TracingPlugin = require('../../dd-trace/src/plugins/tracing')
+
+class McpToolCallPlugin extends TracingPlugin {
+  static id = 'modelcontextprotocol_client'
+  static prefix = 'tracing:orchestrion:@modelcontextprotocol/sdk:Client_callTool'
+
+  bindStart (ctx) {
+    const params = ctx.arguments?.[0]
+    const toolName = params?.name
+
+    this.startSpan('mcp.client.tool.call', {
+      resource: toolName,
+      type: 'mcp',
+      kind: 'client',
+    }, ctx)
+
+    return ctx.currentStore
+  }
+
+  asyncEnd (ctx) {
+    const result = ctx.result
+    if (result?.isError) {
+      const span = ctx.currentStore?.span
+      const errorText = result.content?.find?.(c => c.type === 'text')?.text || 'Tool call returned isError: true'
+      span?.setTag('error', new Error(errorText))
+    }
+    super.finish(ctx)
+  }
+}
+
+class McpListToolsPlugin extends TracingPlugin {
+  static id = 'modelcontextprotocol_list_tools'
+  static prefix = 'tracing:orchestrion:@modelcontextprotocol/sdk:Client_listTools'
+
+  bindStart (ctx) {
+    this.startSpan('mcp.tools.list', {
+      resource: 'tools/list',
+      type: 'mcp',
+      kind: 'client',
+    }, ctx)
+
+    return ctx.currentStore
+  }
+
+  asyncEnd (ctx) {
+    super.finish(ctx)
+  }
+}
+
+module.exports = [
+  McpToolCallPlugin,
+  McpListToolsPlugin,
+]

package/packages/datadog-plugin-mongodb-core/src/index.js

@@ -1,8 +1,6 @@
 'use strict'
 
-const { isTrue } = require('../../dd-trace/src/util')
 const DatabasePlugin = require('../../dd-trace/src/plugins/database')
-const { getValueFromEnvSources } = require('../../dd-trace/src/config/helper')
 
 class MongodbCorePlugin extends DatabasePlugin {
   static id = 'mongodb-core'
@@ -20,11 +18,8 @@ class MongodbCorePlugin extends DatabasePlugin {
   configure (config) {
     super.configure(config)
 
-    const heartbeatFromEnv = getValueFromEnvSources('DD_TRACE_MONGODB_HEARTBEAT_ENABLED')
-
     this.config.heartbeatEnabled = config.heartbeatEnabled ??
-      (heartbeatFromEnv && isTrue(heartbeatFromEnv)) ??
-      true
+      this._tracerConfig.DD_TRACE_MONGODB_HEARTBEAT_ENABLED
   }
 
   bindStart (ctx) {
@@ -35,9 +30,9 @@ class MongodbCorePlugin extends DatabasePlugin {
     }
     const query = getQuery(ops)
     const resource = truncate(getResource(this, ns, query, name))
-    const service = this.serviceName({ pluginConfig: this.config })
+    const serviceResult = this.serviceName({ pluginConfig: this.config })
     const span = this.startSpan(this.operationName(), {
-      service,
+      service: serviceResult,
       resource,
       type: 'mongodb',
       kind: 'client',
@@ -49,7 +44,7 @@ class MongodbCorePlugin extends DatabasePlugin {
         'out.port': options.port,
       },
     }, ctx)
-    const comment = this.injectDbmComment(span, ops.comment, service)
+    const comment = this.injectDbmComment(span, ops.comment, serviceResult.name)
     if (comment) {
       ops.comment = comment
     }

package/packages/datadog-plugin-mysql/src/index.js

@@ -33,7 +33,7 @@ class MySQLPlugin extends DatabasePlugin {
         [CLIENT_PORT_KEY]: ctx.conf.port,
       },
     }, ctx)
-    ctx.sql = this.injectDbmQuery(span, ctx.sql, service)
+    ctx.sql = this.injectDbmQuery(span, ctx.sql, service.name)
 
     return ctx.currentStore
   }

package/packages/datadog-plugin-next/src/index.js

@@ -3,7 +3,7 @@
 const ServerPlugin = require('../../dd-trace/src/plugins/server')
 const { storage } = require('../../datadog-core')
 const analyticsSampler = require('../../dd-trace/src/analytics_sampler')
-const { COMPONENT } = require('../../dd-trace/src/constants')
+const { COMPONENT, SVC_SRC_KEY } = require('../../dd-trace/src/constants')
 const web = require('../../dd-trace/src/plugins/util/web')
 
 const errorPages = new Set(['/404', '/500', '/_error', '/_not-found', '/_not-found/page'])
@@ -19,15 +19,21 @@ class NextPlugin extends ServerPlugin {
   bindStart ({ req, res }) {
     const store = storage('legacy').getStore()
     const childOf = store ? store.span : store
+    const { name: schemaServiceName, source: schemaServiceSource } = this.serviceName()
+    const serviceName = this.config.service || schemaServiceName
+    let serviceSource = this.config.service ? 'opt.plugin' : schemaServiceSource
+    if (!serviceName || serviceName === this.tracer._service) serviceSource = undefined
+
     const span = this.tracer.startSpan(this.operationName(), {
       childOf,
       tags: {
         [COMPONENT]: this.constructor.id,
-        'service.name': this.config.service || this.serviceName(),
+        'service.name': serviceName,
         'resource.name': req.method,
         'span.type': 'web',
         'span.kind': 'server',
         'http.method': req.method,
+        ...(serviceSource === undefined ? {} : { [SVC_SRC_KEY]: serviceSource }),
       },
       integrationName: this.constructor.id,
     })

package/packages/datadog-plugin-pg/src/index.js

@@ -32,7 +32,7 @@ class PGPlugin extends DatabasePlugin {
       span.setTag('db.stream', 1)
     }
 
-    query.__ddInjectableQuery = this.injectDbmQuery(span, query.text, service, !!query.name)
+    query.__ddInjectableQuery = this.injectDbmQuery(span, query.text, service.name, !!query.name)
 
     return ctx.currentStore
   }

package/packages/datadog-plugin-playwright/src/index.js

@@ -3,7 +3,6 @@
 const { storage } = require('../../datadog-core')
 const id = require('../../dd-trace/src/id')
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
-const { getValueFromEnvSources } = require('../../dd-trace/src/config/helper')
 
 const {
   finishAllTraceSpans,
@@ -108,7 +107,7 @@ class PlaywrightPlugin extends CiPlugin {
       finishAllTraceSpans(this.testSessionSpan)
       this.telemetry.count(TELEMETRY_TEST_SESSION, {
         provider: this.ciProviderName,
-        autoInjected: !!getValueFromEnvSources('DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER'),
+        autoInjected: !!this._tracerConfig.DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER,
       })
       appClosingTelemetry()
       this.tracer._exporter.flush(onDone)
@@ -420,7 +419,7 @@ class PlaywrightPlugin extends CiPlugin {
       span.finish()
 
       finishAllTraceSpans(span)
-      if (getValueFromEnvSources('DD_PLAYWRIGHT_WORKER')) {
+      if (this._tracerConfig.DD_PLAYWRIGHT_WORKER) {
         this.tracer._exporter.flush(onDone)
       }
     })

package/packages/datadog-plugin-tedious/src/index.js

@@ -28,7 +28,7 @@ class TediousPlugin extends DatabasePlugin {
 
     // SQL Server includes comments when caching queries
     // For that reason we allow service mode but not full mode
-    ctx.sql = this.injectDbmQuery(span, ctx.queryOrProcedure, service, true)
+    ctx.sql = this.injectDbmQuery(span, ctx.queryOrProcedure, service.name, true)
     return ctx.currentStore
   }
 }

package/packages/datadog-plugin-vitest/src/index.js

@@ -2,7 +2,6 @@
 
 const CiPlugin = require('../../dd-trace/src/plugins/ci_plugin')
 const { storage } = require('../../datadog-core')
-const { getValueFromEnvSources } = require('../../dd-trace/src/config/helper')
 
 const {
   TEST_STATUS,
@@ -34,6 +33,7 @@ const {
   isModifiedTest,
   TEST_IS_MODIFIED,
   TEST_HAS_DYNAMIC_NAME,
+  TEST_FINAL_STATUS,
 } = require('../../dd-trace/src/plugins/util/test')
 const { COMPONENT } = require('../../dd-trace/src/constants')
 const {
@@ -213,10 +213,13 @@ class VitestPlugin extends CiPlugin {
       return ctx.currentStore
     })
 
-    this.addSub('ci:vitest:test:pass', ({ span, task }) => {
+    this.addSub('ci:vitest:test:pass', ({ span, task, finalStatus }) => {
       if (span) {
         this.telemetry.ciVisEvent(TELEMETRY_EVENT_FINISHED, 'test', this.getTestTelemetryTags(span))
         span.setTag(TEST_STATUS, 'pass')
+        if (finalStatus) {
+          span.setTag(TEST_FINAL_STATUS, finalStatus)
+        }
         span.finish(this.taskToFinishTime.get(task))
         finishAllTraceSpans(span)
       }
@@ -230,6 +233,7 @@ class VitestPlugin extends CiPlugin {
       promises,
       hasFailedAllRetries,
       attemptToFixFailed,
+      finalStatus,
     }) => {
       if (!span) {
         return
@@ -255,6 +259,9 @@ class VitestPlugin extends CiPlugin {
       if (attemptToFixFailed) {
         span.setTag(TEST_MANAGEMENT_ATTEMPT_TO_FIX_PASSED, 'false')
       }
+      if (finalStatus) {
+        span.setTag(TEST_FINAL_STATUS, finalStatus)
+      }
       if (duration) {
         span.finish(span._startTime + duration - MILLISECONDS_TO_SUBTRACT_FROM_FAILED_TEST_DURATION) // milliseconds
       } else {
@@ -273,6 +280,7 @@ class VitestPlugin extends CiPlugin {
           [TEST_SOURCE_FILE]: testSuite,
           [TEST_SOURCE_START]: 1, // we can't get the proper start line in vitest
           [TEST_STATUS]: 'skip',
+          [TEST_FINAL_STATUS]: 'skip',
           ...(isDisabled ? { [TEST_MANAGEMENT_IS_DISABLED]: 'true' } : {}),
           ...(isNew ? { [TEST_IS_NEW]: 'true' } : {}),
         }
@@ -285,12 +293,12 @@ class VitestPlugin extends CiPlugin {
       const { testSuiteAbsolutePath, frameworkVersion } = ctx
 
       // TODO: Handle case where the command is not set
-      this.command = getValueFromEnvSources('DD_CIVISIBILITY_TEST_COMMAND')
+      this.command = this._tracerConfig.DD_CIVISIBILITY_TEST_COMMAND
       this.frameworkVersion = frameworkVersion
       const testSessionSpanContext = this.tracer.extract('text_map', {
         // TODO: Handle case where the session ID or module ID is not set
-        'x-datadog-trace-id': getValueFromEnvSources('DD_CIVISIBILITY_TEST_SESSION_ID'),
-        'x-datadog-parent-id': getValueFromEnvSources('DD_CIVISIBILITY_TEST_MODULE_ID'),
+        'x-datadog-trace-id': this._tracerConfig.DD_CIVISIBILITY_TEST_SESSION_ID,
+        'x-datadog-parent-id': this._tracerConfig.DD_CIVISIBILITY_TEST_MODULE_ID,
       })
 
       const trimmedCommand = DD_MAJOR < 6 ? this.command : 'vitest run'
@@ -415,7 +423,7 @@ class VitestPlugin extends CiPlugin {
       finishAllTraceSpans(this.testSessionSpan)
       this.telemetry.count(TELEMETRY_TEST_SESSION, {
         provider: this.ciProviderName,
-        autoInjected: !!getValueFromEnvSources('DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER'),
+        autoInjected: !!this._tracerConfig.DD_CIVISIBILITY_AUTO_INSTRUMENTATION_PROVIDER,
       })
       this.tracer._exporter.flush(onFinish)
     })

package/packages/datadog-plugin-ws/src/close.js

@@ -47,7 +47,7 @@ class WSClosePlugin extends TracingPlugin {
     }
 
     if (isPeerClose && traceWebsocketMessagesInheritSampling && traceWebsocketMessagesSeparateTraces) {
-      span.setTag('_dd.dm.service', spanTags['service.name'] || service)
+      span.setTag('_dd.dm.service', spanTags['service.name'] || service.name)
       span.setTag('_dd.dm.resource', spanTags['resource.name'] || `websocket ${path}`)
       span.setTag('_dd.dm.inherited', 1)
     }
@@ -57,11 +57,13 @@ class WSClosePlugin extends TracingPlugin {
   }
 
   bindAsyncStart (ctx) {
+    if (!ctx.span) return ctx.parentStore
     if (!ctx.isPeerClose) ctx.span.finish()
     return ctx.parentStore
   }
 
   asyncStart (ctx) {
+    if (!ctx.span) return
     ctx.span.finish()
   }
 

package/packages/datadog-plugin-ws/src/producer.js

@@ -46,11 +46,13 @@ class WSProducerPlugin extends TracingPlugin {
   }
 
   bindAsyncStart (ctx) {
+    if (!ctx.span) return ctx.parentStore
     ctx.span.finish()
     return ctx.parentStore
   }
 
   asyncStart (ctx) {
+    if (!ctx.span) return
     ctx.span.finish()
   }
 

package/packages/datadog-plugin-ws/src/receiver.js

@@ -48,7 +48,7 @@ class WSReceiverPlugin extends TracingPlugin {
     }, ctx)
 
     if (traceWebsocketMessagesInheritSampling && traceWebsocketMessagesSeparateTraces) {
-      span.setTag('_dd.dm.service', spanTags['service.name'] || service)
+      span.setTag('_dd.dm.service', spanTags['service.name'] || service.name)
       span.setTag('_dd.dm.resource', spanTags['resource.name'] || `websocket ${path}`)
       span.setTag('_dd.dm.inherited', 1)
     }
@@ -62,6 +62,7 @@ class WSReceiverPlugin extends TracingPlugin {
   }
 
   asyncStart (ctx) {
+    if (!ctx.span) return
     ctx.span.finish()
   }
 

package/packages/dd-trace/src/aiguard/channels.js

@@ -0,0 +1,8 @@
+'use strict'
+
+const dc = require('dc-polyfill')
+
+module.exports = {
+  aiguardChannel: dc.channel('dd-trace:ai:aiguard'),
+  incomingHttpRequestStart: dc.channel('dd-trace:incomingHttpRequestStart'),
+}

package/packages/dd-trace/src/aiguard/index.js

@@ -1,15 +1,17 @@
 'use strict'
 
-const { channel } = require('dc-polyfill')
 const log = require('../log')
+const { incomingHttpRequestStart, aiguardChannel } = require('./channels')
 const AIGuard = require('./sdk')
 
-const aiguardChannel = channel('dd-trace:ai:aiguard')
-
 let isEnabled = false
 let aiguard
 let block
 
+function onIncomingHttpRequestStart () {
+  // No-op: subscribing ensures the HTTP plugin spreads req onto the store
+}
+
 function enable (tracer, config) {
   if (isEnabled) return
 
@@ -17,6 +19,7 @@ function enable (tracer, config) {
     aiguard = new AIGuard(tracer, config)
     block = config.experimental?.aiguard?.block !== false
 
+    incomingHttpRequestStart.subscribe(onIncomingHttpRequestStart)
     aiguardChannel.subscribe(onEvaluate)
 
     isEnabled = true
@@ -29,6 +32,7 @@ function enable (tracer, config) {
 function disable () {
   if (!isEnabled) return
 
+  incomingHttpRequestStart.unsubscribe(onIncomingHttpRequestStart)
   aiguardChannel.unsubscribe(onEvaluate)
 
   aiguard = undefined

package/packages/dd-trace/src/aiguard/sdk.js

@@ -1,7 +1,10 @@
 'use strict'
 
 const rfdc = require('../../../../vendor/dist/rfdc')({ proto: false, circles: false })
+const { HTTP_CLIENT_IP, NETWORK_CLIENT_IP } = require('../../../../ext/tags')
+const { getActiveRequest } = require('../appsec/store')
 const log = require('../log')
+const { extractIp } = require('../plugins/util/ip_extractor')
 const telemetryMetrics = require('../telemetry/metrics')
 const tracerVersion = require('../../../../package.json').version
 const { keepTrace } = require('../priority_sampler')
@@ -13,6 +16,7 @@ const {
   AI_GUARD_TARGET_TAG_KEY,
   AI_GUARD_REASON_TAG_KEY,
   AI_GUARD_ACTION_TAG_KEY,
+  AI_GUARD_EVENT_TAG_KEY,
   AI_GUARD_BLOCKED_TAG_KEY,
   AI_GUARD_META_STRUCT_KEY,
   AI_GUARD_TOOL_NAME_TAG_KEY,
@@ -25,11 +29,12 @@ const appsecMetrics = telemetryMetrics.manager.namespace('appsec')
 const ALLOW = 'ALLOW'
 
 class AIGuardAbortError extends Error {
-  constructor (reason, tags, sds) {
+  constructor (reason, tags, tagProbs, sds) {
     super(reason)
     this.name = 'AIGuardAbortError'
     this.reason = reason
     this.tags = tags
+    this.tagProbabilities = tagProbs
     this.sds = sds || []
   }
 }
@@ -56,6 +61,7 @@ class AIGuard extends NoopAIGuard {
   #maxMessagesLength
   #maxContentSize
   #meta
+  #config
 
   /**
    * @param {import('../tracer')} tracer - Tracer instance
@@ -83,6 +89,7 @@ class AIGuard extends NoopAIGuard {
     this.#maxMessagesLength = config.experimental.aiguard.maxMessagesLength
     this.#maxContentSize = config.experimental.aiguard.maxContentSize
     this.#meta = { service: config.service, env: config.env }
+    this.#config = config
     this.#initialized = true
   }
 
@@ -138,6 +145,42 @@ class AIGuard extends NoopAIGuard {
     return null
   }
 
+  #setRootSpanClientIpTags (rootSpan) {
+    if (!rootSpan) return
+
+    const currentTags = rootSpan.context()._tags
+    const needsHttpClientIp = !Object.hasOwn(currentTags, HTTP_CLIENT_IP)
+    const needsNetworkClientIp = !Object.hasOwn(currentTags, NETWORK_CLIENT_IP)
+
+    if (!needsHttpClientIp && !needsNetworkClientIp) return
+
+    const req = getActiveRequest()
+
+    if (!req) return
+
+    const newTags = {}
+
+    if (needsHttpClientIp) {
+      const clientIp = extractIp(this.#config, req)
+
+      if (clientIp) {
+        newTags[HTTP_CLIENT_IP] = clientIp
+      }
+    }
+
+    if (needsNetworkClientIp) {
+      const networkClientIp = req.socket?.remoteAddress
+
+      if (networkClientIp) {
+        newTags[NETWORK_CLIENT_IP] = networkClientIp
+      }
+    }
+
+    if (Object.keys(newTags).length > 0) {
+      rootSpan.addTags(newTags)
+    }
+  }
+
   evaluate (messages, opts) {
     if (!this.#initialized) {
       return super.evaluate(messages, opts)
@@ -161,9 +204,11 @@ class AIGuard extends NoopAIGuard {
       }
       const rootSpan = span.context()?._trace?.started?.[0]
       if (rootSpan) {
+        this.#setRootSpanClientIpTags(rootSpan)
         // keepTrace must be called before executeRequest so the sampling decision
         // is propagated correctly to outgoing HTTP client calls.
         keepTrace(rootSpan, AI_GUARD)
+        rootSpan.setTag(AI_GUARD_EVENT_TAG_KEY, 'true')
       }
       let response
       try {
@@ -188,38 +233,37 @@ class AIGuard extends NoopAIGuard {
           `AI Guard service call failed, status ${response.status}`,
           { errors: response.body?.errors })
       }
-      let action, reason, tags, sdsFindings, blockingEnabled
-      try {
-        const attr = response.body.data.attributes
-        if (!attr.action) {
-          throw new Error('Action missing from response')
-        }
-        action = attr.action
-        reason = attr.reason
-        tags = attr.tags
-        sdsFindings = attr.sds_findings || []
-        blockingEnabled = attr.is_blocking_enabled ?? false
-      } catch (e) {
+      const attr = response.body?.data?.attributes
+      if (!attr?.action) {
         appsecMetrics.count(AI_GUARD_TELEMETRY_REQUESTS, { error: true }).inc(1)
-        throw new AIGuardClientError(`AI Guard service returned unexpected response : ${response.body}`, { cause: e })
+        throw new AIGuardClientError(`AI Guard service returned unexpected response : ${response.body}`)
+      }
+      const action = attr.action
+      const reason = attr.reason
+      const tags = attr.tags ?? []
+      if (tags.length > 0) {
+        metaStruct.attack_categories = tags
       }
+      const sdsFindings = attr.sds_findings ?? []
+      if (sdsFindings.length > 0) {
+        metaStruct.sds = sdsFindings
+      }
+      const tagProbabilities = attr.tag_probs ?? {}
+      if (attr.tag_probs) {
+        metaStruct.tag_probs = tagProbabilities
+      }
+      const blockingEnabled = attr.is_blocking_enabled ?? false
       const shouldBlock = block && blockingEnabled && action !== ALLOW
       appsecMetrics.count(AI_GUARD_TELEMETRY_REQUESTS, { action, error: false, block: shouldBlock }).inc(1)
       span.setTag(AI_GUARD_ACTION_TAG_KEY, action)
       if (reason) {
         span.setTag(AI_GUARD_REASON_TAG_KEY, reason)
       }
-      if (tags?.length > 0) {
-        metaStruct.attack_categories = tags
-      }
-      if (sdsFindings?.length > 0) {
-        metaStruct.sds = sdsFindings
-      }
       if (shouldBlock) {
         span.setTag(AI_GUARD_BLOCKED_TAG_KEY, 'true')
-        throw new AIGuardAbortError(reason, tags, sdsFindings)
+        throw new AIGuardAbortError(reason, tags, tagProbabilities, sdsFindings)
       }
-      return { action, reason, tags, sds: sdsFindings }
+      return { action, reason, tags, tagProbabilities, sds: sdsFindings }
     })
   }
 }

package/packages/dd-trace/src/aiguard/tags.js

@@ -7,6 +7,7 @@ module.exports = {
   AI_GUARD_ACTION_TAG_KEY: 'ai_guard.action',
   AI_GUARD_REASON_TAG_KEY: 'ai_guard.reason',
   AI_GUARD_BLOCKED_TAG_KEY: 'ai_guard.blocked',
+  AI_GUARD_EVENT_TAG_KEY: 'ai_guard.event',
   AI_GUARD_META_STRUCT_KEY: 'ai_guard',
 
   AI_GUARD_TELEMETRY_REQUESTS: 'ai_guard.requests',

package/packages/dd-trace/src/appsec/blocked_templates.js

@@ -1,11 +1,12 @@
 /* eslint-disable @stylistic/max-len */
+/* eslint-disable @stylistic/quotes */
 'use strict'
 
-const html = '<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>You\'ve been blocked</title><style>a,body,div,html,span{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline}body{background:-webkit-radial-gradient(26% 19%,circle,#fff,#f4f7f9);background:radial-gradient(circle at 26% 19%,#fff,#f4f7f9);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;width:100%;min-height:100vh;line-height:1;flex-direction:column}p{display:block}main{text-align:center;flex:1;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;flex-direction:column}p{font-size:18px;line-height:normal;color:#646464;font-family:sans-serif;font-weight:400}a{color:#4842b7}footer{width:100%;text-align:center}footer p{font-size:16px}</style></head><body><main><p>Sorry, you cannot access this page. Please contact the customer service team.</p></main><footer><p>Security provided by <a href="https://www.datadoghq.com/product/security-platform/application-security-monitoring/" target="_blank">Datadog</a></p></footer></body></html>'
+const html = `<!DOCTYPE html><html lang="en"><head><meta charset="UTF-8"><meta name="viewport" content="width=device-width,initial-scale=1"><title>You've been blocked</title><style>a,body,div,html,span{margin:0;padding:0;border:0;font-size:100%;font:inherit;vertical-align:baseline}body{background:-webkit-radial-gradient(26% 19%,circle,#fff,#f4f7f9);background:radial-gradient(circle at 26% 19%,#fff,#f4f7f9);display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;width:100%;min-height:100vh;line-height:1;flex-direction:column}p{display:block}main{text-align:center;flex:1;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-pack:center;-ms-flex-pack:center;justify-content:center;-webkit-box-align:center;-ms-flex-align:center;align-items:center;-ms-flex-line-pack:center;align-content:center;flex-direction:column}p{font-size:18px;line-height:normal;color:#646464;font-family:sans-serif;font-weight:400}a{color:#4842b7}footer{width:100%;text-align:center}footer p{font-size:16px}.security-response-id{font-size:14px;color:#999;margin-top:20px;font-family:monospace}</style></head><body><main><p>Sorry, you cannot access this page. Please contact the customer service team.</p><p class="security-response-id">Security Response ID: [security_response_id]</p></main><footer><p>Security provided by <a href="https://www.datadoghq.com/product/security-platform/application-security-monitoring/" target="_blank" rel="noopener noreferrer">Datadog</a></p></footer></body></html>`
 
-const json = '{"errors":[{"title":"You\'ve been blocked","detail":"Sorry, you cannot access this page. Please contact the customer service team. Security provided by Datadog."}]}'
+const json = `{"errors":[{"title":"You've been blocked","detail":"Sorry, you cannot access this page. Please contact the customer service team. Security provided by Datadog."}],"security_response_id":"[security_response_id]"}`
 
-const graphqlJson = '{"errors":[{"message":"You\'ve been blocked","extensions":{"detail":"Sorry, you cannot perform this operation. Please contact the customer service team. Security provided by Datadog."}}]}'
+const graphqlJson = `{"errors":[{"message":"You've been blocked","extensions":{"detail":"Sorry, you cannot perform this operation. Please contact the customer service team. Security provided by Datadog."}}],"security_response_id":"[security_response_id]"}`
 
 module.exports = {
   html,