-
Notifications
You must be signed in to change notification settings - Fork 0
Commit d9434d8
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
chore(deps): bump ddtrace from 3.11.2 to 3.13.0 in /cloud-run-functions/python in the python-dependencies group (#49)
Bumps the python-dependencies group in /cloud-run-functions/python with
1 update: [ddtrace](https://github.com/DataDog/dd-trace-py).
Updates `ddtrace` from 3.11.2 to 3.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/DataDog/dd-trace-py/releases">ddtrace's
releases</a>.</em></p>
<blockquote>
<h2>3.13.0</h2>
<p>Estimated end-of-life date, accurate to within three months: 08-2026
See <a
href="https://docs.datadoghq.com/tracing/trace_collection/compatibility/python/#releases">the
support level definitions</a> for more information.</p>
<h3>Deprecation Notes</h3>
<ul>
<li>tracing: <code>ddtrace.tracer.Pin</code> is deprecated and will be
removed in version 4.0.0. To manage configuration of the tracer or
integrations please use environment variables.</li>
</ul>
<h3>New Features</h3>
<ul>
<li>
<p>opentelemetry</p>
<ul>
<li>Adds experimental support for exporting logs using the OTLP
protocol. To enable this feature install the
<code>opentelemetry-otlp-exporter</code> and set
<code>DD_LOGS_OTEL_ENABLED=true</code>.</li>
<li>Ensures that ddtrace log injection is disabled when OpenTelemetry
logs are enabled (DD_LOGS_OTEL_ENABLED=true).</li>
</ul>
</li>
<li>
<p>LLM Observability</p>
<ul>
<li>Adds support for collecting tool definitions, tool calls and tool
results in the Amazon Bedrock integration.</li>
<li>Adds support for collecting tool definitions, tool calls and tool
results in the Google GenAI integration.</li>
<li>This introduces support for tool calls and tool results in LLMObs
message annotations when using custom instrumentation. The
<code>LLMObs.annotate()</code> method now accept input and output data
with optional <code>to ol_calls</code> and <code>tool_results</code>
fields for function calling scenarios.</li>
<li>Adds support for collecting tool definitions, tool calls and tool
results in the OpenAI integration.</li>
<li>Adds support for collecting tool definitions, tool calls and tool
results in the VertexAI integration.</li>
</ul>
</li>
<li>
<p>Django: Added the <code>DD_DJANGO_ALWAYS_CREATE_DATABASE_SPANS</code>
config option (default: <code>true</code>).</p>
<p>When enabled, the Django integration always generates a database span
for every operation, even if the underlying database engine is already
instrumented. This ensures complete coverage but may produce duplicat
e spans and extra overhead.</p>
<p>When disabled, spans are only created if the database engine is not
instrumented.</p>
<p>To avoid multiple spans per database call, we recommend disabling
this option.
<code>DD_DJANGO_ALWAYS_CREATE_DATABASE_SPANS=false</code></p>
</li>
<li>
<p>AAP</p>
<ul>
<li>This introduces endpoint discovery for Flask applications. It allows
the collection of API endpoints of a Flask application at startup.</li>
<li>This introduces endpoint discovery for FastAPI applications. It
allows the collection of API endpoints of a FastAPI application at
startup.</li>
</ul>
</li>
<li>
<h3>Bug Fixes</h3>
</li>
<li>
<p>AAP: Fixes an issue where security signals would be incorrectly
reported on an inferred proxy service instead of the current
service.</p>
</li>
<li>
<p>CI Visibility: This fix resolves an issue where the
<code>pytest</code> plugin would hold a reference to test exceptions
beyond the end of the test, preventing them from being garbage-collected
and increasing memory usage.</p>
</li>
<li>
<p>psycopg: This fix resolves a potential circular import with the
psycopg3 contrib.</p>
</li>
<li>
<p>internal: This fix resolves an issue where the tracer flare was not
sent when <code>DD_TRACE_AGENT_URL</code> was not set, as the default
URL was not used.</p>
</li>
<li>
<p>tracing</p>
<ul>
<li>Fixes issue with <code>websocket.receive</code> span not closing
exactly when another <code>websocket.receive</code> span was
opened.</li>
<li>Fixes duration of websocket handshake span such that the handshake
span closes when the connection is upgraded.</li>
<li>Fix where <code>websocket.close</code> parent should be the
handshake span when configuration is disabled.</li>
<li>Resolves an issue where calling
<code>ddtrace.trace.tracer.configure(...)</code> resets the trace writer
buffer, causing spans to be dropped.</li>
</ul>
</li>
<li>
<p>Code Security: Fixed a crash in the taint-aware modulo aspect when
formatting SQLAlchemy objects whose <code>__repr__</code> can raise
(e.g., inside complex CASE expressions).</p>
</li>
<li>
<p>LLM Observability: Properly parse <code>DD_TAGS</code> onto LLM
Observability span events' tags.</p>
</li>
<li>
<p>sampling</p>
<ul>
<li>Fixed a bug where single span sampling rules were completely ignored
when stats computation was enabled, causing all single-sampled spans to
be dropped. Note that single span sampling is only used to
override trace sampling decisions to keep a span where the trace will be
dropped.</li>
<li>Removed automatic setting of local trace sampling rule tag
(<code>_dd.p.dm=-3</code>) during distributed tracing header
extraction.</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/DataDog/dd-trace-py/blob/main/CHANGELOG.md">ddtrace's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>Changelogs for versions not listed here can be found at <a
href="https://github.com/DataDog/dd-trace-py/releases">https://github.com/DataDog/dd-trace-py/releases</a></p>
<hr />
<h2>3.8.0</h2>
<h3>New Features</h3>
<ul>
<li>LLM Observability: add processor capability to process span inputs
and outputs. See usage documentation [here](<a
href="https://docs.datadoghq.com/llm_observability/setup/sdk/python/#span-processing">https://docs.datadoghq.com/llm_observability/setup/sdk/python/#span-processing</a>).</li>
<li>CI Visibility: This introduces the ability to gzip the payload when
using the evp proxy setup, incurring in less network bandwith
consumption.</li>
<li>Error Tracking: Introduces automatic reporting of handled
exceptions. Enabling the feature will report handled exceptions to Error
Tracking from the user code, the third party packages code, some
specified modules or everything based on configuration. This feature can
be controlled using two environment variables: - <!-- raw HTML omitted
-->DD_ERROR_TRACKING_HANDLED_ERRORS<!-- raw HTML omitted
-->=`allthird_party` - <!-- raw HTML omitted
-->DD_ERROR_TRACKING_HANDLED_ERRORS_INCLUDE<!-- raw HTML omitted
-->=`module1, module2, module3.submodule`</li>
<li>Code Security: IAST support for langchain v0.1.0 and above.</li>
<li>openai: This introduces tracing support for the OpenAI Responses
endpoint.</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>
<p>tracing: Fixes an issue where truncation of span attributes longer
than 25000 characters would not consistently count the size of UTF-8
multibyte characters, leading to a <code>unicode string is too
large</code> error.</p>
</li>
<li>
<p>CI Visibility: This fix resolves an issue where the
DD_CIVISIBILITY_ITR_ENABLED was not honored properly.</p>
</li>
<li>
<p>tracing: Fixes a bug in distributed tracing where pickling <!-- raw
HTML omitted -->ddtrace.trace.Context<!-- raw HTML omitted --> fails in
coroutines. This regression was introduced in v3.7.0.</p>
</li>
<li>
<p>CI Visibility: This fix resolves an issue where pytest-xdist would
not exit with the proper status code if ATR was enabled.</p>
</li>
<li>
<p>CI Visibility: This fix resolves an issue where ddtrace pytest plugin
used with xdist would report test suites as failing even when all tests
pass.</p>
</li>
<li>
<p>profiling: fixed an issue in the <code>SynchronizedSamplePool</code>
where pool could be null when calling into <code>ddog_ArrayQueue_</code>
functions, leading to segfaults in the uWSGI shutdown</p>
</li>
<li>
<p>Code Security: IAST: Avoid excessive filtering of stacktrace
locations when finding vulnerabilities. After this change,
vulnerabilities that were previously discarded will now be reported. In
particular, if they were found within code in site-packages or outside
of the working directory.</p>
</li>
<li>
<p>LLM Observability: Resolves an issue where spans and evaluation
metrics were not being sent via Unix sockets.</p>
</li>
<li>
<p>dynamic instrumentation: prevent an exception when trying to remove a
probe that did not resolve to a valid source code location.</p>
</li>
<li>
<p>kafka: This fix resolves an issue where message headers were sent to
Kafka brokers that do not support them. Message headers are turned off
when the Kafka server responds with <code>UNKNOWN_SERVER_ERROR
(-1)</code>.</p>
</li>
<li>
<p>code origin for spans: fixes a performance issue with exit spans.</p>
</li>
<li>
<p>profiling: improve performance of the memory profiler for large
heaps. The memory profiler previously did a linear search of tracked
allocations for every free, which scaled very poorly with large heaps.
Switch to a fast hash map.</p>
</li>
</ul>
<hr />
<h2>3.7.2</h2>
<h3>Bug Fixes</h3>
<ul>
<li>CI Visibility: This fix resolves an issue where the
DD_CIVISIBILITY_ITR_ENABLED was not honored properly.</li>
<li>tracing: Fixes an issue where truncation of span attributes longer
than 25000 characters would not consistently count the size of UTF-8
multibyte characters, leading to a <code>unicode string is too
large</code> error.</li>
</ul>
<hr />
<h2>3.7.1</h2>
<h3>Bug Fixes</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/2c2e8d86814ca7a385f0adfd7bd85d88746b373e"><code>2c2e8d8</code></a>
ci(llmobs): skip flaky tests hitting faulty endpoint [backport 3.13] (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14500">#14500</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/f0b82db0af9ede651532954067f0cf1ae2e8234f"><code>f0b82db</code></a>
chore(iast): add module to excluded imports in test_serverless.py (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14420">#14420</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/f10b79e6242e5a9a3879cc59feb711f8a1bd413c"><code>f10b79e</code></a>
fix(openai): handle empty mode values in azure openai streaming
responses (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/1">#1</a>...</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/04ae1000e9730cf7b87df75a6db5f0db361b1cfe"><code>04ae100</code></a>
chore(CI): update system tests (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14431">#14431</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/3ec641eea94c8fbf022e90f8655e36b81adbd328"><code>3ec641e</code></a>
chore(tracer): add forwarded ip header format support (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14418">#14418</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/7c5fac0e657e5efc3d025b8978258a52a5631735"><code>7c5fac0</code></a>
fix(otel): disable log injection when otlp logs are used (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14427">#14427</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/fdd393417d0be22f026350c1beeadc8834cf56f1"><code>fdd3934</code></a>
chore: add debug logging for llm span type and openai operations (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14386">#14386</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/189052f50136b525d3aed6b4924d92d4c4395853"><code>189052f</code></a>
feat(llmobs): add toolcall and toolresults to messages (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14385">#14385</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/ff565086550a8d27eec4709924a09ce337f91540"><code>ff56508</code></a>
ci: upgrade cibuildwheel==3.1.4 (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14410">#14410</a>)</li>
<li><a
href="https://github.com/DataDog/dd-trace-py/commit/bbba80e068be7bf2c9e431fd545be39dd15b3818"><code>bbba80e</code></a>
chore(build): stop setting universal for bdist_wheel (<a
href="https://redirect.github.com/DataDog/dd-trace-py/issues/14422">#14422</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/DataDog/dd-trace-py/compare/v3.11.2...v3.13.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 4932a35 commit d9434d8Copy full SHA for d9434d8
File tree
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedOpen diff view settings
Filter options
- cloud-run-functions/python
Expand file treeCollapse file tree
1 file changed
+1
-1
lines changedOpen diff view settings
Collapse file
cloud-run-functions/python/requirements.txt
Copy file name to clipboard+1-1Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | | - | |
| 2 | + | |
0 commit comments