1.32.0

Components

Application Security Management (IAST)

• ⚡ Improve IAST metric unwrapping logic (#6831 - @manuel-alvarez-alvarez)
• Ensure no IAST advices are added unless appsec is fully enabled (#6813 - @manuel-alvarez-alvarez)
• ⚡ Add request sampling back in http sources (#6810 - @manuel-alvarez-alvarez)
• ✨ Improve coverage of application vulnerabilities for servlet (#6803 - @jandro996)
• Add support for kafka bytebuffers in 3.x (#6736 - @manuel-alvarez-alvarez)

Application Security Management (WAF)

• Upgrade to libddwaf-java 9.1.1 (#6846 - @smola)
• Minify AppSec rules (#6773 - @smola)
• ⚡ Improved API Security schema computation performance (#6765 - @ValentinZakharov)
• Upgrade to AppSec rules v1.11.0 (#6754 - @smola)
• Replace ASM transient mechanism with WAF ephemeral addresses (#6687 - @ValentinZakharov)
• Added GraphQL monitoring support (#6375 - @ValentinZakharov)

Configuration at Runtime

• Allow for disablement of tracing via remote config (#6827 - @nayeem-kamal)

Continuous Integration Visibility

• 🐛 Fix handling skipped features in Karate (#6870 - @nikita-tkachenko-datadog)
• 🐛 Flush pending traces synchronously before terminating child process (#6866 - @nikita-tkachenko-datadog)
• Reduce logging noise in CI Visibility (#6825 - @nikita-tkachenko-datadog)
• Add possibility to retry every failed test when retries are enabled (#6821 - @nikita-tkachenko-datadog)
• 🐛 Fix tracing for tests executed with JUnit Platform Runner (#6818 - @nikita-tkachenko-datadog)
• Optimize in-progress tests and suites lookup (#6728 - @nikita-tkachenko-datadog)

Data Streams Monitoring

• 🐛 Fix KStreams with dynamic queue names (#6857 - @kr-igor)

Dynamic Instrumentation

• 🐛 Fix inaccessible fields capture (#6883 - @jpbempel)
• Make Exception debugging instrumentation async (#6829 - @jpbempel)
• Add frame tags and send snapshots on addThrowable (#6824 - @jpbempel)
• Filter out bridge methods when instrumenting methods (#6785 - @evanchooly)

GraalVM native-image

• Enhance 'runtime_version' tag to encode graalvm source (#6788 - @jbachorik)

Library Injection

• Update base image used for lib injection (#6814 - @randomanderson)

Metrics

• Bump JMXFetch integrations-core submodule to 7.52.0 (#6852 - @mcculls)

Profiling

• Upgrade ddprof to 1.3.0 (#6845 - @richardstartin)
• Fix spurious context clear when thread detached from wallclock profiling (#6836 - @richardstartin)
• Enable queue time tracing by default (#6833 - @richardstartin)
• Unwrap ForkJoinTask$AdaptedInterruptibleCallable (#6830 - @richardstartin)
• Ensure queue timer is started for RunnableFuture types (#6828 - @richardstartin)
• use JFR timestamping for queue time thresholds (#6703 - @richardstartin)

Tracer core

• 🐛 Fix Datadog-Entity-ID detection paths joining (#6864 - @ygree)
• ⚡ Keep track of public classes in compact filter (#6860 - @mcculls)
• 🐛 Fix Datadog-Entity-ID detection by skipping a root inode (#6858 - @ygree)
• ✨ Support ordering of InstrumenterModules (#6840 - @mcculls)
• ⚡🧹 Re-use helpers across all instrumenters in a module (#6822 - @mcculls)
• 🧹 Update instrumentations to use InstrumenterModule as the service type (#6808 - @mcculls)

Instrumentations

Apache Spark instrumentation

• create SpanLink from spark.streaming_batch span to databricks.task.execution span for spark instrumentation if applicable. (#6816 - @yiliangzhou)

JDBC instrumentation

• 🐛 Fix for MySQL multi-host internally_generated connection urls (#6853 - @ygree)
• Handle comment injection for procedure CALLs (#6807 - @sethsamuel)
• Add host and db name to tags injected in SQL comments (#6778 - @vandonr)

All other instrumentations

• Optionally prevent undertow from setting http.route (#6841 - @amarziali)
• 💡 Support JDK-21 virtual thread executor (#6789 - @am312)

Other changes

• Update byte-buddy to 1.14.13 (#6861 - @manuel-alvarez-alvarez)
• Bump java-dogstatsd-client to 4.3.0 (#6851 - @mcculls)