Bump ddtrace from 0.47.0 to 1.10.0

[dependabot]

Bumps ddtrace from 0.47.0 to 1.10.0.

Release notes

Sourced from ddtrace's releases.

1.10.0

The release of ddtrace 1.10.0 now supports Ruby 3.2 and 128-bit trace id. Furthermore, CPU Profiling 2.0 is now in opt-in (that is, disabled by default) beta 3.

You can enable it:

• Using an environment variable by setting DD_PROFILING_FORCE_ENABLE_NEW=true
• Or via code by adding to your Datadog.configure block:

Datadog.configure do |c|
  # ... existing configuration ...
  c.profiling.advanced.force_enable_new_profiler = true
end

What to expect from Ruby CPU Profiling 2.0 beta 3?

• Finer-grained profiling data due to our sampling engine rewritten in C+Rust. The profiler will be able to run more often and get more information while keeping the same 2% overhead target you're used to, and with a lower impact on latency. Especially when looking at the "Code Hotspots" panel for a distributed trace, expect more and finer grained profiles.
• Thread id information now includes the operating system thread id for Ruby 3.1+, so you'll be able to correlate your thread information when looking at other system monitoring tools
• Thread names are now collected and you're able to filter your profiles by these names
• The profiler now exposes a Datadog::Profiling.allocation_count API that can be used to measure how many objects were allocated in parts of your application
• Experimental support for capturing CPU and Wall-time spent doing Garbage Collection. This is disabled by default as we're still improving the performance of this feature and fixing a few incompatibilities with Ruby Ractors. You can enable it by adding DD_PROFILING_FORCE_ENABLE_GC=true or c.profiling.advanced.force_enable_gc_profiling = true to the instructions seen above.

...with more and faster improvements to come soon!

Give it a try, and we'd love to hear your feedback. Below, you'll find a list of known issues that we're still looking into.

Known issues:

• Rare incompatibilities with native extensions/libraries.

  Ruby CPU Profiling 2.0 gathers profiling data by sending SIGPROF unix signals to Ruby applications. This is a common approach used by many other profilers, and it may cause system calls performed by native extensions/libraries to be interrupted with an EINTR error code (reference).

  Most native extensions/libraries are unaffected by this issue, but we know of at least one case: when using the mysql2 gem together with versions of libmysqlclient older than 8.0.0 this can lead to failed database requests (reference). The affected libmysqlclient version is known to be present on Ubuntu 18.04, but not 20.04 and later releases.

  We expect these occurrences to be rare, and will be working to both improve the ecosystem as well as to deploy countermeasures in the profiler itself to avoid triggering these issues.

• Ruby 2.5 and below are missing an API that allows the profiler to detect the currently-active Ruby thread. We have deployed a workaround, but suspect that it may lead to crashes in extremely rare situations. We are still researching a solution for this issue and do not plan on rolling out CPU Profiling 2.0 automatically to Ruby 2.5 and below applications until it is fixed.

• The disabled-by-default experimental support for capturing CPU and Wall-time spent doing Garbage Collection is incompatible with Ractors due to Ruby upstream bugs (https://bugs.ruby-lang.org/issues/18464 and https://bugs.ruby-lang.org/issues/19112). We plan to work with the Ruby developers to incorporate fixes for these issues.

• The disabled-by-default experimental support for capturing CPU and Wall-time spent doing Garbage Collection can cause a lot of overhead in Ruby applications with high object allocation rates. We will be fixing this soon!

Added

• Support Ruby 3.2 (#2601)
• Publish init container image (beta) for dd-trace-rb injection through K8s admission controller (#2606)
• Tracing: Support 128 bits trace id (#2543)
• Tracing: Add tags to integrations (que / racecar / resque/ shoryken / sneakers / qless / delayed_job / kafka / sidekiq / dalli / presto / elasticsearch) (#2619, #2613 , #2608, #2590)
• Appsec: Introduce AppSec::Instrumentation::Gateway::Argument (#2648)
• Appsec: Block request when user ID matches rules (#2642)
• Appsec: Block request base on response addresses matches (#2605)
• Appsec: Allow to set user id denylist (#2612)

... (truncated)

Changelog

Sourced from ddtrace's changelog.

[1.10.0] - 2023-03-06

Added

• Support Ruby 3.2 (#2601[])
• Publish init container image (beta) for dd-trace-rb injection through K8s admission controller (#2606[])
• Tracing: Support 128 bits trace id (#2543[])
• Tracing: Add tags to integrations (que / racecar / resque/ shoryken / sneakers / qless / delayed_job / kafka / sidekiq / dalli / presto / elasticsearch) (#2619[], #2613[] , #2608[], #2590[])
• Appsec: Introduce AppSec::Instrumentation::Gateway::Argument (#2648[])
• Appsec: Block request when user ID matches rules (#2642[])
• Appsec: Block request base on response addresses matches (#2605[])
• Appsec: Allow to set user id denylist (#2612[])
• Profiling: Show profiler overhead in flamegraph for CPU Profiling 2.0 (#2607[])
• Profiling: Add support for allocation samples to ThreadContext (#2657[])
• Profiling: Exclude disabled profiling sample value types from output (#2634[])
• Profiling: Extend stack collector to record the alloc-samples metric (#2618[])
• Profiling: Add Profiling.allocation_count API for new profiler (#2635[])

Changed

• Tracing: rack instrumentation counts time spent in queue as part of the http_server.queue span (#2591[]) ([@​agrobbin][])
• Appsec: Update ruleset to 1.5.2 (#2662[], #2659[], #2598[])
• Appsec: Update libddwaf version to 1.6.2.0.0 (#2614[])
• Profiling: Upgrade profiler to use libdatadog v2.0.0 (#2599[])
• Profiling: Remove support for profiling Ruby 2.2 (#2592[])

Fixed

• Fix broken Ruby VM statistics for Ruby 3.2 (#2600[])
• Tracing: Fix 'uninitialized constant GRPC::Interceptor' error with 'gapic-common' gem (#2649[])
• Profiling: Fix profiler not adding the "In native code" placeholder (#2594[])
• Fix profiler detection for google-protobuf installation (#2595[])

[1.9.0] - 2023-01-30

As of ddtrace 1.9.0, CPU Profiling 2.0 is now in opt-in (that is, disabled by default) public beta. For more details, check the release notes.

Release notes: https://github.com/DataDog/dd-trace-rb/releases/tag/v1.9.0

Added

• Tracing: Add Stripe instrumentation (#2557[])
• Tracing: Add configurable response codes considered as errors for Net/HTTP, httprb and httpclient (#2501[], #2576[])([@​caramcc][])
• Tracing: Flexible header matching for HTTP propagator (#2504[])
• Tracing: OpenTelemetry Traces support (#2496[])
• Tracing: W3C: Propagate unknown values as-is (#2485[])
• Appsec: Add event kit API (#2512[])
• Profiling: Allow profiler development on arm64 macOS (#2573[])
• Core: Add profiling_enabled state to environment logger output (#2541[])
• Core: Add 'type' to OptionDefinition (#2493[])

... (truncated)

Commits

• 7b39d18 Merge pull request #2667 from DataDog/bump_to_version_1.10.0
• 9f0dd52 Improve changelog
• 02afeed Updated: gemfiles for 1.10.0
• 37f2a84 Bumping version 1.9.0 to 1.10.0
• 1b85e4a Added: 1.10.0 to CHANGELOG.md
• 3514f9f Merge pull request #2543 from DataDog/tonycthsu/128bits-trace-id-propagation
• b618b70 Merge branch 'master' into tonycthsu/128bits-trace-id-propagation
• 0e7c257 Merge pull request #2649 from DataDog/fix-grcp-common
• a644ca3 Merge pull request #2657 from DataDog/ivoanjo/prof-7307-allocation-samples-su...
• 4fa5f78 Caching logging_trace_id
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)