Bump the dotnet-dependencies group with 4 updates #56

dependabot · 2025-09-08T21:09:36Z

Updated Datadog.Trace.Bundle from 2.56.0 to 3.26.0.

Release notes

Sourced from Datadog.Trace.Bundle's releases.

3.26.0 Summary

Various bug fixes and optimizations.

Changes

Tracer

Update build and testing to use .NET 10 preview 7 (#7170)
chore: add logging for data pipeline status in TracerSettings (#7436)
Use P/Invoke to call lstat instead of shelling out to stat to retrieve the inode (#7453)
[Native] Convert Rejitters vector to a fixed array (#7460)
[Phase 1] chore(configuration): enable DataPipelineEnabled on AAS + Windows (#7464)

ASM

[AAP] Add Forwarded header as IP source (#7438)
[AAP] Add "100.65.0.0/10" as a private IP range (#7461)
[IAST] Fix GRPC IAST tests (#7485)
[IAST] Delay dataflow creation (#7440, #7451, #7465)

Continuous Profiler

[Profiler] Make sure we generate a build-id using SHA-1 (#7449)
[Profiler] Try fixing TSAN job (#7452)

Serverless

[Azure Functions] Restore files moved by in-process Azure Functions SDK (#7419)

Fixes

Support final="true" in NLog Logging rules for direct log submission (#7445)
Extract the Managed DevOps pools names to variables (#7447)
Update language used in native log messages (#7467)
Remove Samples.TraceAnnotations.VersionMismatch.NewerNuget (#7469)
Remove Samples.CIVisibilityVersionMismatch (#7471)
Add parameter names to MongoDb IBsonSerializerProxy.Serialize() method (#7443)
Fix GRPC instrumentation for BuildHttpErrorResponse. Enable integration tests. (#7457)

Build / Test

Use mock agent in exploration tests (#7431)
[Test Package Versions Bump] Updating package versions (#7435)
Use the global.json file to specify the .NET SDK version in GitHub Actions (#7442)
Update Managed DevOps pools images (#7446)
Remove smoke test image that won't work (#7450)
[Test Package Versions Bump] Updating package versions (#7455)
Bump the gh-actions-packages group across 2 directories with 2 updates (#7456)
[Test Package Versions Bump] Updating package versions (#7458)
Split dependabot files into separate projects (#7459)
Bump actions/setup-dotnet from 4.3.1 to 5.0.0 in the gh-actions-packages group across 1 directory (#7463)
Try to fix dependabot (#7466)
Improve logging for InstrumentationTests and update dynamic code scenario (#7472)
Fix typo in dependabot yaml (#7477)
Fix dependabot again (#7478)
... (truncated)

3.25.0 Summary

Various bug fixes and optimisations

Changes

Tracer

Implement "enahanced telemetry reporting" (#7360)
Don't call ToUpperInvariant if we don't need to (#7393)
Handle TypeLoadException when retrieving HostingEnvironment (#7417)
Add missing GetDictionary() method to ConfigurationBuilder (#7421)
More ConfigurationBuilder refactoring to avoid incorrect usages (#7422)
[Tracer] fix: Re-use runtime metrics writer resources to limit memory growth (#7434)

Continuous Profiler

[Profiler] Make timer_create-based CPU profiler default (#7322)
Revert "[Profiler] Make timer_create-based CPU profiler default (#7322)" (#7427)

Debugger

Disable debugger initialization if it's not enabled initially (#7398)

Serverless

[Azure Functions] Remove all Serverless Mini-Agent (SMA) code (#7389)

ASM

[IAST] Fix NRE in Native IAST ModuleInfo->GetFullName() (#7404)

Fixes

fix: Clean up small C# and C++ build warnings (#7363)
chore: update malformed telemetry name (#7402)
Get process start info variables safely (#7423)
Fix null reference exception in proxy spans (#7428)

Build / Test

[CI] Creates PR Label Based Docker Image (#7337)
[Test Package Versions Bump] Updating package versions (#7315)
Include the target framework in our InstrumentationTests (#7347)
Ignore rejit timeout errors in smoke tests and report a metric (#7370)
fix: Make OTLP metrics snapshot testing more stable (#7374)
Add final job for blocking merges of PRs (#7376)
Fix debug symbol upload in release job (#7377)
Fix Windows SSI release (#7379)
Fix null ref type warning in Nuke (#7382)
Fix creation of label-based artifacts for system tests (#7385)
Filter our exit span from Azure Functions tests (#7391)
Fix variable generation for linux-arm64 unit tests (#7394)
Add more alpine checks for native library (#7395)
[Test Package Versions Bump] Updating package versions (#7396)
Fix ASM WAF unit tests (#7397)
SINT-3848 🔒 Pin GitHub Actions to specific SHA versions for enhanced security (#7400)
... (truncated)

3.24.1 Summary

Fixes the SSI artifact publishing, which were not published in 3.24.0

Changes

Misc

Fix Windows SSI release (#7379)

Changes since 3.24.0

3.24.0 Summary

[Tracer] Logs injection for connecting logs with traces is enabled by default. To disable, set DD_LOGS_INJECTION=0
[Tracer] Add support for latest S3 and MSTest packages
[AAP] Add resource name to the collected endpoints
[DSM] Flush DSM stats on Lambda Stop

Changes

Tracer

Refactor the profiling configuration reading (#7303)
Minor IConfigurationSource clean up (#7327)
chore: clean up baggage span tags implementation (#7335)
Update default value of DD_LOGS_INJECTION to true (#7336)
Fix broken S3 integration (#7368)

CI Visibility

[Test Optimization] Support for MSTest v3.10 (#7343)

ASM

[AAP] Add resource name to the collected endpoints (#7317)
[AAP] Add latest supported waf capabilities to RC (#7332)
[AAP] Added WAF metrics. Reorganized other metrics to match RFC (#7356)
[AAP] Update WAF ruleset to v1.15.0 (#7331)

Debugger

[Dynamic Instrumentation] DEBUG-3514 Refactor debugger code (#7304)
Removes exception throwing during shutdown of dynamic instrumentation (#7375)

Serverless

DSMS-90: Flush DSM stats on Lambda Stop (#7054)

Data Streams Monitoring

Do not inject DSM legacy headers by default in "default enabled" mode (#7351)

Build / Test

Update xunit to latest, fix analyzer warnings, and update analyzer tests (#7280)
Send Warm-up request in iisexpress integration tests (#7321)
Update CODEOWNERS with SDK capabilities team as owners (#7328)
Pre pull aerospike image (#7333)
Remove CMake warning: jobserver unavailable: using -j1. Add `+' to parent make rule. (#7334)
Fix typo in create_draft_release (#7338)
Fix the signing of the fleet installer exe (#7341)
Elaborate on Run failed description (#7344)
Work around flake in the Couchbase 3 integration tests (#7357)
Try to fix flake by using unique keys in StackExchange sample tests (#7359)
Mark the OTLP metrics test as [Flaky] (#7369)
Fix more flake in the IIS fleet smoke tests (#7372)
Don't test Aerospike.Client 8.1.0 on .NET 6 or 7 (#7349)

... (truncated)

3.23.0 Summary

[Tracer] Baggage tags are automatically added as span tags
[Tracer] Fix resource-based sampling for ASP.NET Core
[Test Optimization] Various fixes for commit info and codeowners
[Test Optimization] Fix crash with Allure.Xunit
[IAST] Fix potential crash on ReadOnlySpan<> string.Concat() methods

Changes

Tracer

feat(baggage): adding baggage to span tags (#7020)
Swap disposal ordering of inferred span (#7293)
Add [MethodImpl(MethodImplOptions.NoInlining] to all our instrumented APIs in Datadog.Trace.Manual (#7302)
Refactor TraceSampler to separate building from evaluation (#7311)
Avoid generating resource name that will be thrown away if it's not required (#7312)
Fix resource-based sampling for ASP.NET Core (#7316)

CI Visibility

[Test Optimization] Retrieve head commit info (#7285)
[Test Optimization] Add codeowners and test source file tag at suite level (#7295)
[Test Optimization] Fix base branch SHA usage (#7300)
[Test Optimization] Avoid crashing on Allure.Xunit usage (#7305)

ASM

[AAP] Update WAF to v1.27.0 (#7330)

Continuous Profiler

[Profiler] Use ringbuffer with timer create (#7066)

Fixes

[IAST] Remove troublesome string.Concat overloads with ReadOnlySpan (#7318)

Miscellaneous

Set default timeout for Trace Exporter to 15s. (#7252)
[OTEL] OTLP Metrics Exporter POC (#7138)
[Test Package Versions Bump] Updating package versions (#7279)
[Profiler] Add vcpkg setup for build (#7292)
Ensure file_opened_ is getting updated when rotating (#7296)
Bump rejit timeout to 200ms (#7301)

Build / Test

Filter connection header in flaky tests (#7290)
Remove global state to try to fix flake (#7291)
Improve repeatability & precision of throughput tests on Linux & ARM (#7268)
More fixes for do-not-merge (#7274)
Update the Windows test agent to latest (#7275)
Fix potential deadlocks in IisFixture process code (#7281)
[Profiler] Fix and bump timeitsharp (#7294)
Fix debug symbol upload in release (#7297)
... (truncated)

3.22.0 Summary

[Azure Functions] Support for Azure Functions is GA
[Azure Functions] Optimized support for Azure Functions with the Datadog.AzureFunctions NuGet package
[TestOptimization] Add support for pr.number and additional CI variables
[TestOptimization] Add support for xunit.v3 version 3.x.x
[Data Streams Monitoring] Initial support for the default experience

Changes

Tracer

Integrations: Disable AWS Kinesis injection when the integration is disabled (#7239)
Refactor SpanContextInjector and SpanContextExtractor and improve tests (#7258)

CI Visibility

[TestOptimization] Update the CI Environment Values parser (#7242)
Add support for xunit.v3 v3 (#7245)
[Test Optimization] Add pr.number tag to Github provider (#7262)

ASM

[AAP] Update WAF to V1.26 (#7216)

Continuous Profiler

[Profiler] Add ringbuffer (#7025)

Debugger

Reduce log level for ConcurrentAdaptiveCache capacity (#7213)

Serverless

[Serverless] Remove "preview" version suffix from Datadog.AzureFunctions (#7229)
[Azure Functions] Bump Datadog.Serverless.Compat package reference version (#7238)
[Azure Functions] Fixes, refactoring, and clean-up (#7256)
[Azure Functions] Ignore additional URLs in outgoing HTTP client requests (#7271)
[Azure Functions] Fix operation name (#7272)
[Serverless] add serverless teams as co-owners on additional files (#7273)
[Serverless] GA nuget package Datadog.AzureFunctions (#7283)

Miscellaneous

Add documentation on how to perform a major version update (#7152)
[IAST] Added compatibility for stable config (#7164)
Only enable Schema extraction when DSM explicitly enabled (#7175)
remove redundant dependency check for dynamic assemblies (#7222)
Bump libdatadog from 19.0.1 to 19.1.0. (#7232)
feat: add injection metadata fields to telemetry forwarder (#7237)
DSM default state reversal (#7244)
chore: add malformed baggage header telemetry (#7254)
Fix SSI injection telemetry (#7288)
Increase rejit timeout from 100ms to 150ms (#7289)
Add agent response handling to native interop (#7201)
Prevent and remove double-disposal in DiscoveryService and RemoteConfigurationManager (#7240)
... (truncated)

3.21.0 Summary

[Tracing] Add support for NLog 6.x.x
[Test Optimization] Improve the CodeOwners parser
[Data stream Monitoring] Various fixes for Kinesis, SQS, SNS, and RabbitMQ integrations
[Serverless] Add preview support for Datadog.AzureFunctions NuGet package

Changes

Tracer

Add support for NLog 6.0 (#7131)
Show correct agent_uri path in startup log for named pipes (#7199)
Try removing exceptions from the shutdown path (#7200)
Use non-BOM version of Encoding.UTF8 in Libdatadog interop code (#7204)
feat(libdatadog-logger): integrate libdatadog logging (#7075)

CI Visibility

[Test Optimization] Improve the CodeOwners parser (#7155)

ASM

[AAP] Report ASM RC status to Telemetry Config (#7141)
[AAP] Send WAF config errors to Telemetry Logs (#7142)

Continuous Profiler

Don't load the profiler on arm64 (#7169)
[Profiler] Remove ssi telemetry (#7176)
[Profiler] Protect against thread abort (#7187)

Debugger

[Exception Replay] Groundwork to support Test Optimization (#7085)
[Dynamic Instrumentaiton] Marking instrumentation as failure if IsReEntryField is absent (#7188)
[Dynamic Instrumentation] Reducing noisy log lines (#7198)

Serverless

Add new Datadog.AzureFunctions nuget package (#7111)
[Serverless] Update nuget package reference (#7203)
Add support for writing managed logs to the console (stdout) (#7160)

Fixes

fix: Handle both SQS StringValue and SNS BinaryValue in context extraction (#7205)

Build / Test

[Profiler] Fix flacky tests (#7161)
Adding Throughput Test for Kafka & DSM (#7133)
ServiceBus.Minimal.Rebus SQL connection error (#7146)
[Test Optimization] Remove impacted tests backend tests (#7151)
[Test Package Versions Bump] Updating package versions (#7156)
Fix test InitializesTracerWhenTracingIsDisabled Flakiness (#7163)
Bump the gh-actions-packages group across 2 directories with 3 updates (#7166)
Add retry to smoke crash tracking tests (#7172)
... (truncated)

3.20.1 Summary

Ensures we never load the Continuous Profiler on linux arm64, as it's unsupported. Loading an unloading the Continuous Profiler can trigger crash conditions on some old versions of glibc.

Changes

Continuous Profiler

Don't load the profiler on arm64 (#7169)

Miscellaneous

[fleet installer] Remove the global instrumentation commands (#7182)

Build / Test

Fix release process by removing check for SSI artifacts (#7180)
Add workaround for messed up execution_benchmark results (#7181)

Changes since 3.20.0

3.20.0

[!WARNING]
Some old versions of glibc can trigger crash scenarios in version 3.20.0 of the tracer when running on Linux arm64, particularly when using ASM. We recommend updating to 3.20.1 or newer.

Summary

Fix AWS S3 DeleteBucket integration (#7118)
Fix protobuf instrumentation error on versions < 3.13 (before Aug 14 2020) (#7108)
[Tracer] Capturing GraphQL Errors With SpanEvents (#6899)
Avoid using AsyncManualResetEvent in DSM stats processing (#7027)
Add fix for race condition in InitResult (#7121)

Changes

Tracer

Avoid using AsyncManualResetEvent in DSM stats processing (#7027)
Fix AWS S3 DeleteBucket integration (#7118)
Update service discovery check (#7122)
Improve CharSlice allocations (#7127)
Disable data pipeline if libdatadog is not available (#7128)
use manual instead of unknown (#7143)
Check for incorrect values in Manual assembly (#7144)
Don't write native loader logs when bailing out in Windows SSI (#7147)

ASM

[AAP][ApiSec] Add response body parse switch in API Security (#7095)
Add fix for race condition in InitResult (#7121)

Fixes

[AAP] Reduce waf config diagnostics log levels (#7094)
Fix log4net tests to account for new process span to check for Android (#7104)
Fix protobuf instrumentation error on versions < 3.13 (before Aug 14 2020) (#7108)
Create a StringUtil helper for correct nullable annotations on string.IsNullOrEmpty (#7119)
Silently ignore empty user ids. (#7150)

Miscellaneous

[Tracer] Capturing GraphQL Errors With SpanEvents (#6899)
[Test Optimization] Remove impacted tests backend implementation (#6901)
Fix null reference exception (#7077)
[Test Package Versions Bump] Updating package versions (#7090)
Update libdatadog to v19.0.0 (#7105)
Add global tracing command to FleetInstaller.exe (#7110)
Avoid dlclose on glibc 2.34-2.36 (#7125)
[Test Package Versions Bump] Updating package versions (#7126)
Update .gitlab/one-pipeline.locked.yaml (#7129)
Update libdatadog to v19.0.1 (#7139)
[Docs] Fix Readme BuildAndRunOsxIntegrationTests sample (#7148)

Build / Test

Grpc legacy flaky test (#7096)
Do not save system-tests/agent image (#7106)
... (truncated)

3.19.0 Summary

Fix recursive visibility error in duck typing (#7087)
Fix NullReferenceException in Rabbit. (#7083)
Fix exception when closing a Span with null ServiceName (#6748)
[Test Optimization] Improve git commands (#7050)
[Profiler] Enable GC CPU consumption and thread lifetime features (#7045)
[Dynamic Instrumentation] DEBUG-4063 Add WCF support for dynamic span tags (#7097)-

Changes

Tracer

[Tracer] Add sampling tags during serialization (#5360)
[tracer] fix exception when closing a Span with null ServiceName (#6748)
chore(telemetry): track whether tracing was enabled via ssi (#6938)
Fix ErrorSkipTelemetry by changing primary file logger to sub-logger config (#7049)
chore: disable data pipeline by default (#7055)
fix(trace-exporter): add error handling when releasing handles in ErrorHandle, TraceExporter, and TraceExporterConfiguration (#7061)
Fix recursive visibility error in duck typing (#7087)
[Dynamic Instrumentation] DEBUG-4063 Add WCF support for dynamic span tags (#7097)

CI Visibility

[Test Optimization] Improve git commands (#7050)

ASM

Fix IAST DDBB flaky unit tests (#6958)
[AAP] Update waf version to v1.25.1 (#7079)

Continuous Profiler

[Profiler] Add DD_PROFILING_HTTP_ENABLED env var configuration (#6993)
[Profiler] Enable GC CPU consumption and thread lifetime features (#7045)

Debugger

[Dynamic Instrumentation] DEBUG-3961 Enable SymDB by default (#7012)

Fixes

Update list of processes excluded from instrumentation (#6599)
fix(trace-exporter): use universal osx binaries for libdatadog (#7058)

Miscellaneous

feat(trace-exporter): setup boilerplate for data-pipeline integration (#6314)
[Test Package Versions Bump] Updating package versions (#6988)
[Tracer] Service discovery integration (#7014)
Delete empty commontags interface (#7060)
Set DD_TRACING_ENABLED=tracing for IIS based SSI (#7068)
[Test Optimization] Add support for MSTest 3.9.x (#7070)
Don't fail the IIS instrumentation installation if IIS is not available (#7071)
Refactoring to support DSM default state (#7082)
Fix NullReferenceException in Rabbit. (#7083)
Fix error in DefaultModelBindingContext (#7086)
... (truncated)

3.18.0 Summary

Add support for async Oracle DB commands
Add support for Microsoft.Extensions.Telemetry v9.5.0
Various bug fixes

Changes

Tracer

Differentiate between error states in logs (#7030)

ASM

[AAP] Update waf value obfuscation default regex value (#7004)
[AAP] Update waf to v1.25.0 (#7005)

Fixes

Ensure that there is an ActiveScope for AWS SDK Http integration (#7013)
Fix Microsoft.Extensions.Telemetry logging integration for 9.5.0 (#6989)
Fix a NullReferenceException in AWS SDK RuntimePipelineInvokeAsyncIntegration (#7019)
fix: enable retries on failure due to script error (#7022)
Fix support for async Oracle DB commands (#7034)
[Code Origin] DEBUG-3935 Fix type handle mismatch when resolving attribute type (#6994)

Miscellaneous

Add net8.0 and net9.0 to trimming nuspec (#6983)
Add ILogger.ErrorSkipTelemetry() to exclude certain logs from telemetry (#7028)

Build / Test

Update Microsoft.Azure.Functions.Worker.Sdk to 2.0.3 (#6996)
Pre-install the .NET SDK in Windows CI runners (#7001)
Fix timeout exception (#7007)
Add timeouts and retries to LiveDebuggerTests when debugger is disabled (#7010)
Allow specifying SampleName filter and comprehensive version testing (#7015)
Revert "Benchmarks: Update microbenchmarks to customize BenchmarkDotNet command line arguments" (#7016)
Update Microsoft.Azure.Functions.Worker.Sdk to 2.0.4 (#7018)
Replace DownloadPipelineArtifact by a pipeline step (#7021)
Skip flaky debugger tests on x86 (#7023)
Streamline release process by not explicitly creating a tag in create_draft_release.yml (#7024)
Mark a couple of tests as flaky (#7026)

Changes since 3.17.0

3.17.0 Summary

[Tracer] Add support for AWS SDK v4.0
[Tracer] Fix resource-based sampling for ASP.NET spans in IIS
[Tracer] Automatically disable Kafka header injection for unsupported brokers
[Test Optimization] Fixes for Impacted Tests and Attempt To Fix
[ASM/IAST] Improve sampling behaviour for vulnerability detection and schema extraction

Changes

Tracer

Add support for AWS SDK v4.0 (#6929)
[Tracer] Fix resource-based sampling for ASP.NET spans in IIS (#6936)
Fix: change cmd.component to component for process spans (#6969)

CI Visibility

[Test Optimization] Add missing provider's environment variables. (#6956)
[Test Optimization] Attempt to fix from v2 to v4 (#6963)
[dd-trace] Improved GAC commands (#6995)
Fix exit code from GacUninstallCommand when the assembly is not in the GAC (#7003)

ASM

[ASM] Disabled sampling in API Sec schema extractor in Standalone mode (#6957)
[IAST] New sampling mechanism (#6971)

Continuous Profiler

[Profiler] Provide exact minor.build version information for .NET Framework applications (#6974)
[Profiler] Refactor sample transformation (#6975)

Dynamic Instrumentation

[Dynamic Instrumentation] DEBUG-3796 Fix rate limiting for probes that don't have limit (#6921)

Fixes

Protect against null ref in W3CTraceContextPropagator.cs (#6991)
Add tests for manual injection/extraction and guard invalid implementations (#6998)
Disable Kafka header injection when brokers return unknown error (#6945)

Build / Test

Fix Debugger Windows integration tests not running (#6754)
Remove throughput tests (#6790)
Speed up Serilog, Grpc, and RabbitMq tests (#6894)
Remove Benchmark stages (#6895)
Remove isBenchmarksOnlyBuild from the pipeline (#6897)
Remove package_linux as a dependency of integration_tests_linux (#6911)
Avoid SystemDataSqlClientTests flaky tests (#6912)
Delete pipeline monitor (#6913)
Bump the gh-actions-packages group across 3 directories with 10 updates (#6915)
Remove deprecated field in datadog-static-analyzer-github-action (#6916)
[Test Package Versions Bump] Updating package versions (#6917)
Update test projects and samples to target .NET Framework 4.8 (#6922)
... (truncated)

3.16.0 Summary

[IAST] Add support for .NET 9 ReadOnlySpan<T> overloads for string manipulation
[IAST] Change cookie filter default value to avoid flooding
[Continuous Profiler] Add WaitHandle wait duration profiling
[Continuous Profiler] Fix possible shut down crash scenarios
[Exception Replay] Added support for top-most failing local root span

Changes

Tracer

[Tracer] update sampling formula (#6866)

ASM

[ASM] Removed unneeded rewrite PInvoke call for ASM (#6914)
[IAST] Add support for Dotnet 9 ReadOnlySpan String overloads (#6846)
[IAST] Change cookie filter default value (#6889)
[IAST] Iast Aspects logs refactor (#6888)

Continuous Profiler

[Profiler] Implement WaitHandle wait duration profiling (#6426)
[Profiler] Bump libdatadog to v17.0.0 (#6805)
[Profiler] Fix timer_create bug (#6811)
[Profiler] Fix short lived threads scenario (#6864)
[Profiler] Fix missing http profiler in profiler_list tag (#6865)
[Profiler] Remove logs in buggybits if needed (#6898)
[Profiler] Fix IpcServer for .NET Framework (#6903)
[Tracer] Fix possible crash in ContextTracker on shutdown (#6893)

Debugger

[Exception Replay] Added support for top-most failing local root span + Communicating failure to capture errors (#6859)

Fixes

Remove not required samples (#6862)

Miscellaneous

Add readme for MacOS development (#6018)
Add documentation around Xunit.Combinatorial (#6880)
[Dynamic Instrumentation] DEBUG-3492 Remove duration from non method snapshots (#6735)
Revert "[Dynamic Instrumentation] DEBUG-3492 Remove duration from non… (#6902)

Build / Test

Bump Microsoft.Azure.Functions.Worker.Extensions.Http from 3.2.0 to 3.3.0 in /tracer/test/test-applications/azure-functions/Samples.AzureFunctions.V4Isolated (#6605)
Add Xunit.Combinatorial for Combinatorial/Pairwise testing (#6847)
Add traits to exclude tests that will not run anyway (#6858)
Fix build warnings in debugger and ASM samples (#6867)
[Test Package Versions Bump] Updating package versions (#6874)
Expand ownership of Version Bump related files (#6877)
Add "all-green" job to enfore green CI policy (#6879)
[CI] Use public symbol org API KEY (#6881)
... (truncated)

3.15.0 Summary

Add an inferred span to represent AWS API Gateway ([tracing] Create an inferred span for AWS API Gateway dd-trace-dotnet#6624)
Add V2 of the Event Tracking SDK for ASM ([ASM][ATO] User events sdk v2 methods dd-trace-dotnet#6760)
Add support for Datadog SpanEvents ([Tracer] Support for Datadog SpanEvents and Native Serialization dd-trace-dotnet#6769)
Add support for DynamoDB Span Pointers for Update Item and Delete Item (DynamoDB Span Pointers for Update Item and Delete Item dd-trace-dotnet#6775)
Collect detected endpoints in Kestrel for API Security ([ASM] API Security Endpoints collection (kestrel) dd-trace-dotnet#6733)
Add code.origin for entry spans in Dynamic Instrumentation
Restore Google.Protobuf instrumentation (restore Protobuf instrumentation for schema tracking dd-trace-dotnet#6826)
Fix edge case with loading instrumentations (Fix edge case with loading instrumentations dd-trace-dotnet#6815)
Disable instrumentations when an integration throws a MissingMethodException (Disable instrumentation when an integration throws a MissingMethodException dd-trace-dotnet#6807)

Changes

Changes since 3.14.3

3.14.3 Summary

Updates for initial Windows IIS OCI image preview release

Changes

Miscellaneous

Update .gitlab/one-pipeline.locked.yaml (#6818)

Changes since 3.14.2

3.14.2 Summary

Updates for initial Windows IIS OCI image preview release

Changes

Miscellaneous

Update initial Windows IIS OCI image preview release

Changes since 3.14.1

3.14.1 Summary

Initial preview release of Windows IIS OCI images

Changes

Misc

Initial Windows IIS OCI image preview release

Changes since 3.14.0

3.14.0 Summary

[Database Monitoring] Propagate context for some stored procedures

Changes

Misc

[Database Monitoring] Propagate context for some stored procedures (#6799)

Build / Test

[R&D Week Profiling] Add tests for sync over async scenarios (#6763)
Download and Copy libdatadog binaries for Data-Pipeline integration (#6777)

Changes since 3.13.0

3.13.0 Summary

Fix RabbitMQ V7+ headers being overwritten (thanks @johang88)!
Update the default value of DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED to true
Fix Microsoft.Extensions.Telemetry logging integration in 9.3.0
[Test Optimization] Flaky Test Management feature
Temporarily remove instrumentation for Protobuf Schema tagging

Changes

Tracer

[Tracing] Update the default value of DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED to true (#6751)
[Tracer] Fix Rabbitmq7 header injection overwrites user supplied basic properties [from external PR #6730] (#6753)
Fix Microsoft.Extensions.Telemetry logging integration in 9.3.0 (#6773)
Refactor RabbitMQ test sample (#6778)
Clarify doc comment for DD_TRACE_128_BIT_TRACEID_LOGGING_ENABLED (#6791)
fix: container ID prefix in metadata and related tests (#6793)

CI Visibility

[Test Optimization] Flaky Test Management feature (#6740)
[Test Optimization] Add missing test_session metric (#6776)

ASM

[ASM] Fix IAST Grpc DotNet flaky test (#6772)

Continuous Profiler

[Profiler] Change profiler to use the libdatadog dynamic library instead (#6301)

Debugger

Skip the failing debugger tests (#6755)

Serverless

Add AWS Lamda testing for .NET 9 (#6779)

Fixes

[BUG]: RabbitMQ Basic Properties overwritten to default values (#6723)
Fix: Rabbitmq7 header injection overwrites user supplied basic properties (#6730)
Remove instrumentation for Protobuf Schema tagging (#6792)

Build / Test

Fix dependabot configuration for gh-actions-packages group (#6696)
[IAST] LDAP flakiness fix (#6706)
[fleet installer] Add some integration tests (#6714)
[Test Package Versions Bump] Updating package versions (#6732)
[CI] Stop running windows throughput tests (#6752)
Remove profiler throughput tests and bump timeouts (#6757)
feat: add dev container for consistent development environment (#6761)
[Benchmarks] Migrate linux throughput tests (#6765)
ssi tests onepipeline (#6767)
Remove graphql scenarios from CI system tests (#6768)
... (truncated)

3.12.0 Summary

Fix NoWarn overriding in Datadog.Trace and Datadog.Trace.Trimming NuGet packages
[Tracer] Add support for S3 tracing using span links
[Test Optimization] Add support to xUnit v3 2.x.x
[ASM] Add support for standalone billing
[ASM] Add support for email injection detection in MimeKit and SimpleEmail
[Continuous Profiler] Enable ETW support by default for .NET Framework

Changes

Tracer

Adding datadog.json filepath to tracer startup logs (#6307)
[tracing] add null checks when iterating headers in propagators (#6460)
S3 Span Pointers (#6655)
don't propagate baggage when http client integration is disabled (#6692)
Fix: Ensure baggage properties are not interpreted as baggage values (#6693)
HTTP over streams: use vendored Utf8Parser.TryParse() (#6720)
[Tracing] Add configuration key DD_TRACE_EXPERIMENTAL_FEATURES_ENABLED (#6727)
[Tracing] Update DD_TAGS behavior through a feature flag to better align with Datadog Agent tags parsing logic (#6728)
Ignore entire baggage header if malformed (#6743)

CI Visibility

[Test Optimization] - Code refactor (#6709)
[Test Optimization] Add missing impacted test code in runner (#6722)
[Test Optimization] Add known tests feature (#6725)
[Test Optimization] Add support to xUnit v3 2.0.0 (#6738)

ASM

[ASM] Standalone billing V2 migration (#6663)
[ASM] Dont store additive context in httpcontext (#6609)
[ASM] Email injection: MimeKit and SimpleEmail (#6614)
[ASM] Add new RASP telemetry tags (#6685)
[ASM][ATO]Add business logic event address to the waf (#6701)
[ASM] Add new WAF events success telemetry tags. (#6707)
[ASM] WAF error span tags (#6729)
[ASM][ATO] Fix : remove ISession for trimming file, and ducktype (#6737)

Continuous Profiler

[Profiler] Properly initialize appDomainId (#6630)
[Profiler] Add Export project in Demo for datadog-ci tests (#6708)
[Profiler] Enable ETW support by default for .NET Framework (#6724)
[Profiler] Add logs for the different profilers configuration (#6739)
[Profiler] Add tag GC CPU samples (#6746)

Dynamic Instrumentation

[Dynamic Instrumentation] DEBUG-3572 Check for valid gzip content (#6687)

Serverless

... (truncated)

3.11.1 Summary

There are no changes in version 3.11.1 compared to 3.11.0, 3.11.1 is to unblock an issue with SSI artifacts.

The release notes for 3.11.0 are shown below for convenience

[Tracer] Add support for HotChocolate v15.x.x
[Tracer] Add trimming support to Datadog.Trace, instead of requireing Datadog.Trace.Trimming
[Tracer] Add support 128-bit trace ids in logs injection
[Tracer] Add ability to disable ActivitySources from being listened to
[Test Optimization] Add support for MSTest v3.8.x
[Serverless] Add support for AWS SDK Step Functions
[Continuous Profiler] Include CPU samples in profile
[ASM] Always collect session ID
[Data streams management] Add profobuf schema as OpenAPI json as tags

Changes

Tracer

[Tracer] support 128-bit trace ids in logs injection (#5363)
Add ability to disable ActivitySources from being listened to (#5795)
[Dynamic Instrumentation] DEBUG-3132 Add Memoization Cache for Redaction Logic (#6292)
Fix W3CTraceContextPropagator for non-standard array types (#6654)
Remove unused method (#6659)
Fix DisabledIntegrationNames not correctly disabling the integration (#6664)
Pack trimming file in Datadog.Trace NuGet, and add trimming smoke tests for the NuGet packages (#6678)
only enable protobuf instrumentation when DSM is enabled (#6691)
Add support for HotChocolate v15.x.x (#6648)

CI Visibility

[Test Optimization] Support for MSTest v3.8.x (#6686)

ASM

[ASM][ATO] Collect session id at all times (#6623)

Continuous Profiler

[Profiler/Crashtracker] Bump libdatadog 16.0.3 (#6589)
[Profiler] Add number of CPU samples to the profile (#6646)
[Profiler] Fix Profiler execution benchmark tests (#6652)

Serverless

[SVLS-5559] Inject trace context into AWS Step Functions input attribute (#6171)
fix: dispose HttpWebResponses to avoid leaking FDs (#6661)

Build / Test

[CI] Sending CI Vis Data to HQ (#6621)
Build the FleetInstaller executable and include in Windows OCI image (#6644)
Add smoke tests for fleet installer (#6645)
Tack on apm-idm-dotnet reviewers to auto-bump PRs (#6665)
Make sure we upload hotfix artifacts to Azure (#6667)
... (truncated)

3.11.0 Summary

[Tracer] Add support for HotChocolate v15.x.x
[Tracer] Add trimming support to Datadog.Trace, instead of requireing Datadog.Trace.Trimming
[Tracer] Add support 128-bit trace ids in logs injection
[Tracer] Add ability to disable ActivitySources from being listened to
[Test Optimization] Add support for MSTest v3.8.x
[Serverless] Add support for AWS SDK Step Functions
[Continuous Profiler] Include CPU samples in profile
[ASM] Always collect session ID
[Data streams management] Add profobuf schema as OpenAPI json as tags

Changes

Tracer

[Tracer] support 128-bit trace ids in logs injection (#5363)
Add ability to disable ActivitySources from being listened to (#5795)
[Dynamic Instrumentation] DEBUG-3132 Add Memoization Cache for Redaction Logic (#6292)
Fix W3CTraceContextPropagator for non-standard array types (#6654)
Remove unused method (#6659)
Fix DisabledIntegrationNames not correctly disabling the integration (#6664)
Pack trimming file in Datadog.Trace NuGet, and add trimming smoke tests for the NuGet packages (#6678)
only enable protobuf instrumentation when DSM is enabled (#6691)
Add support for HotChocolate v15.x.x (#6648)

CI Visibility

[Test Optimization] Support for MSTest v3.8.x (#6686)

ASM

[ASM][ATO] Collect session id at all times (#6623)

Continuous Profiler

[Profiler/Crashtracker] Bump libdatadog 16.0.3 (#6589)
[Profiler] Add number of CPU samples to the profile (#6646)
[Profiler] Fix Profiler execution benchmark tests (#6652)

Serverless

[SVLS-5559] Inject trace context into AWS Step Functions input attribute (#6171)
fix: dispose HttpWebResponses to avoid leaking FDs (#6661)

Build / Test

[CI] Sending CI Vis Data to HQ (#6621)
Build the FleetInstaller executable and include in Windows OCI image (#6644)
Add smoke tests for fleet installer (#6645)
Tack on apm-idm-dotnet reviewers to auto-bump PRs (#6665)
Make sure we upload hotfix artifacts to Azure (#6667)
Restrict dependabot github actions to patch version bumps (#6669)
[Test Package Versions Bump] Updating package versions (#6670)
Reduce flake in Fleet installer tests (#6671)
Minor refactor in ThreadAbortCodeFixProvider (#6673)
... (truncated)

3.10.2 Summary

There are no code changes in this release compared to 3.10.1
This release was done to update the latest tagged version of init-containers to fix a potential application crash issue.

Changes since 3.10.1

3.10.1 Summary

[Serverless] Resolve issue with sockets staying open too long in AWS Lambda integration.

Changes

Tracer

clean up http connections in AWS Lambda integration (#6661)

Changes since 3.10.0

3.10.0 Summary

[Tracing] Add S3 instrumentation and support for Microsoft.Data.SqlClient 6.x.x
[Tracing] Add DD_TRACE_PROPAGATION_BEHAVIOR_EXTRACT to control trace continuation from incoming headers
[CI Visibility] Add Xunit.v3 support
[CI Visibility] Initial Impacted Tests support
[ASM] Enable user id collection on authenticated requests
[ASM] Fix blocking Redirect requests with invalid status code
[Continuous Profiler] Implement outgoing HTTP requests profiling
[Dynamic Instrumentation] Various bug fixes and improvements

Changes

Tracer

[Tracing] Add s3 instrumentation (#6590)
[Tracing] Add configuration to change the trace context propagation extract behavior (APMAPI-1009) (#6320)
Remove Security and IAST statics in AspNetCoreDiagnosticObserver (#6564)
cleaning pass on HotChocolate instrumentation (#6580)
Add support for Microsoft.Data.SqlClient 6.x.x (#6638)
Call HttpRequest.BuildUrl to avoid URL caching (#6361)
Add Google Protobuf Instrumentation (#6166)
Revert "Add Google Protobuf Instrumentation (#6166)" (#6642)

CI Visibility

[CI Visibility] Add Xunit.v3 support (#6573)
[CI Visibility] Impacted Tests Reference Implementation (#6559)
[CI Visibility] Fix detached head situation (#6594)
[CI Visibility] Disable ImpactedTests flaky test (#6616)

ASM

[ASM][ATO] user id collection on authenticated request (#6431)
[ASM] Fix set status error in .Net framework (#6587)
Change the way we collect ip and header (#6591)
[ASM] Fix errors exceptions on HttpContext get_Items (#6592)
[ASM] [IAST] Enable email injection unit tests (#6595)
[ASM] Fix NullReferenceException on HttpTransport get_StatusCode (#6602)
[ASM][ATO] user id from sdk overwrite user login tags (#6603)
[ASM] Avoid null context repetitive log messages (#6607)
[ASM] Fix Blocking Redirect Invalid Status Code (#6619)
[IAST] Security Controls (#6635)
[IAST] Add IAST package exclusions (#6610)

Continuous Profiler

[Profiler] Implement outgoing HTTP requests profiling (#6280)
[Profiler] Fix Windows 64 bit stack walking (#6583)
[Profiler] Fix null check in GetMachineBootTime (#6628)

Debugger

[dynamic Instrumentation] DEBUG-2336 Add Concurrent Adaptive Cache (#6093)
[Exception Replay] Fixed capturing issue of async methods with await in finally block + added missing snapshot attributes + better frame matching algorithm (#6549)
... (truncated)

3.9.1 Summary

[Tracing/Serverless] Fix an issue in AWS Lambda layer where tracing failed in .NET 6 when using Ready2Run
[Continuous Profiler] Fix bug in stack walking on Windows

Changes

Continuous Profiler

[Profiler] Fix Windows 64 bit stack walking (#6583)

Fixes

Track internal rewrites and discard NGEN images (#6588)
Refactor the NGEN tracking fix to be more performant (#6598)

Build / Test

Skip non-linux OCI package creation (#6586)

Changes since 3.9.0

3.9.0 Summary

[Tracer] Add support for Azure Functions SDK v2 and ASP.NET Core Integration
[Tracer] Add support for RabbitMQ v7
[Tracer] Add support for OpenTelemetry's DefaultTextMapPropagator when used without the SDK
[Tracer] Fix container tagging for Alpine containers
[ASM] Various bug fixes and reliability improvements

Changes

Tracer

Add support for Microsoft.Azure.Functions.Worker.Core v2 (#6472)
Add support for RabbitMQ v7 (#6479)
Add CallTarget support for ValueTask in .NET FX and < .NET Core 3.1 (#6480)
Fix container tagging for Alpine containers (#6505)
Move SpanContextPropagator to TracerManager (#6511)
Fix Isolated Azure Functions performance when using ASP.NET Core Integration (#6567)
[Tracing] Provide default implementation for OpenTelemetry.Context.Propagation.Propagators.DefaultTextMapPropagator [AIDM-504] (#6544)

CI Visibility

[CI Visibility] Add missing telemetry metrics (#6443)
Add additional tests for CI Visibility configuration behaviour (#6513)
Wait for background task in ConfigureCiCommand (#6535)
[CI Visibility] Improve Git commands execution (#6545)

ASM

[ASM] Fix WebApi blocking on Response (#6488)
[ASM] Fix access violation exception when reading WAF addresses (#6510)
[ASM] Context disposed related exceptions when calling the WAF (#6529)
[ASM] Add a lock to handle WAF active addresses (#6566)
[ASM] Catch HttpException when reading the request body in .net461 (#6459)
[IAST] Lock vulnerabilities list access (#6531)
[IAST] Added IAST instrumentation category to ado net Reader integrations (#6523)

Continuous Profiler

[Profiler] Make timer_create-based CPU profiler default (#6315)
[Profiler] Cleanup repository (#6547)
Revert "[Profiler] Make timer_create-based CPU profiler default" (#6579)

Debugger

Fix pinned locals parsing + bump dotnet version for protobuf and eShopOnWeb exploration tests (#6475)
[Debugger] Don't redact config/address tokens (#6552)
[Debugger] Don't redact env tokens from probe snapshots (#6553)
[Dynamic Instrumentation] DEBUG-3223 SymDB compression fix (#6556)
[Dynamic Instrumentation] Change the way we are using the gzip stream in SymDB (#6562)

Serverless

Run Azure Functions integration tests on .NET 8 and .NET 9 (#6517)
[serverless] Upload serverless assets to Azure so we can release for a layer (#6561)

... (truncated)

3.8.0 Summary

[ASM] Improved error handling and reporting
[ASM/IAST] Fix a crash occurring when an attribute is decorated with itself
[Dynamic Instrumentation] Fix errors in symbol upload and exception replay
[AWS Lambda] Encode non-ascii error messages

Changes

Tracer

[Tracing] Refactor internal Span Links API (#6341)
Support relative path in DD_DOTNET_TRACER_HOME (#6434)
Add support for [DuckPropertyOrField] (#6463)

ASM

[ASM] Log FormatException from get_Uri as debug (#6489)
[ASM] Update Iast Log Warning to Error (#6492)
[ASM] upgrade warning to error (#6421)
[ASM] Fix IAST benchmark tests (#6462)
[ASM] Error metric for unknown operator errors (#6465)
[ASM] Introduce SecurityReporter for all reporting functions of SecurityCoordinator (#6481)
[ASM] Normalise aspects exception logging (#6495)
Fix build issues on aspects on net5.0 (#6500)

Debugger

[Dynamic Instrumentation] Hotfix SymDB and ER (#6468)

Serverless

[serverless] encode lambda error.msg and error.type (#6438)

Fixes

[IAST] Fix recursive custom attribute crash (#6470)

Build / Test

[IAST] Skip failing tests (#6455)
repo: mandatory issue templates (AIDM-424) (#6456)
K8s Lib Injection tests: run on a matrix (#6458)
[Build] Fix version bump autogen files error (#6464)
Fix the build and some versions (#6466)
[IAST] skip dotnet 2.1 tests that can't work (#6467)
Exclude common failure in smoke tests (#6469)
allow running exploration tests on mac (#6474)
[Test Package Versions Bump] Updating package versions (#6450)
[Test Package Versions Bump] Updating package versions (#6478)
[Test Package Versions Bump] Updating package versions (#6486)
Parallelize unit tests (#6483)
[IAST] Propagation tests reorg (#6487)
fix UpdateVendoredCode on mac (#6490)

Miscellaneous

... (truncated)

3.7.0 Summary

[IAST] Extend stored XSS to cover more databases
[IAST] Support of DefaultInterpolatedStringHandler
[Tracer] Add support for HotChocolate 14.x.x, GraphQL.NET 8.x.x, Aerospile.Client 8.x.x, MongoDB 3.0.0, and NpgSQL 9.x.x
[Tracer] Fix runtime-metrics thread count
[CI Visibility] Improve support for MSTest

Changes

Tracer

Add Support for GraphQL HotChocolate v14 (#6248)
Add support for Graph.NET v8 (#6423)
Add support for Aerospike.Client v8 (#6424)
Add support for mongodb v3 (#6354)
Update npgsql to support 9.x.x (#6350)
Filter out dead threads in runtime metrics (#6298)
Fix bug in manual instrumentation (#6330)
Bail out if we're in a no-dynamic-code scenario (#6362)
Remove settings snapshot generator (#6370)
Ducktype instance type check (#6373)
Remove old generated public APIs (#6376)
Add try catch on shutdown (#6378)
Simplify duplication in IConfigurationSource (#6386)
Make more integration settings case insensitive (#6393)
Update config-in-code manual instrumentation to use an IConfigurationSource (#6397)
Remove the vendored arraypool eventsource (#6398)
Make DirectLogSubmissionSettings properly immutable and remove ImmutableDirectLogSubmissionSettings (#6400)
Make IntegrationSettings properly immutable and remove ImmutableIntegrationSettings (#6405)
Make ExporterSettings properly immutable and remove ImmutableExporterSettings (#6408)
Validate data before EnumNgenModuleMethodsInliningThisMethod call (#6410)
Make TracerSettings properly immutable and remove ImmutableTracerSettings (#6415)
[Tracer] Fix git metadata retrieval (#6444)
[dd-dotnet] Catch error when failing to read env vars on IIS (#6430)

CI Visibility

[CI Visibility] Fix MSTest integrarion bug (#6336)
[CI Visibility] Specify if the user is setting the DD_SERVICE (#6348)
[CI Visibility] Adding nullability checks (#6374)
[CI Visibility] Use same number of execution in EFD tests (#6416)
[CI Visibility] Set TracerSettings using a configuration source instead of mutating (#6399)

ASM

[ASM] Native CallTarget definitions (#6252)
[APM] Exclude windows only definitions from non windows dlls (#6270)
[ASM] IAST events in span's meta_struct (#5803)
[ASM][ATO] Collect request headers on login user events (failures and success) (#6225)
[ASM] Update WAF v1.21.0 Ruleset 1.13.3 (#6287)
[ASM] Restore IAST unit tests (#6294)
[ASM][ATO] Adapt v3 new login tags and fix signup tags (#6302)
... (truncated)

3.6.1 Summary

[Profiler] Fix a crash scenario on windows
[CI Visibility] Catch crash when intelligent test runner upload fails
[ASM IAST]: Fix for NullReferenceException in Stacktrace Walker

Changes

CI Visibility

[CI Visibility] Catch UploadRepositoryChanges exceptions (#6331)

ASM

[ASM] iast: Fix for NullReferenceException in Stacktrace Walker (#6326)

Continuous Profiler

[Profiler] Fix a crash scenario on windows (#6328)

Miscellaneous

[Crashtracking] Filter the ptrace_create hook (#6337)

Changes since 3.6.0

3.6.0 Summary

Adds support for .NET 9
Adds DSM support for AWS SNS
Add support for baggage propagation
[CI Visibility] Add support for coverlet.msbuild coverage reporting
[Dynamic Instrumentation] Collect code origin for exit spans
[ASM] Fix shutdown bug
[Continuous Profiler] Fix crash at shutdown

Changes

Tracer

Baggage part 3/3: add public api to Datadog.Trace.Manual (#6190)
Baggage part 2/3: propagation (#6158)
Remove dependency on System.IO.Compression for .NET Framework build (#6192)
Add default value to StringBuilderCache, and use in more places (#6232)
Enable baggage propagator by default (#6258)
Add support for AllowWriteStreamBuffering=false in WebRequest for .NET 9 (#6271)
Add initial support for .NET 9 (#6265)
Ensure that we never run any call target instrumentations in partial trust (#6290)

CI Visibility

[CI Visibility] Add more checks for the object pack files (#6256)
[CI Visibility] GitInfoProvider refactor (#6259)
[CI Visibility] Add support for coverlet.msbuild coverage reporting (#6284)
[CI Visibility] Fix GitCommandParser test (#6289)
[CI Visibility] Catch some gitinfo exceptions. (#6297)

ASM

[ASM] Avoid HttpRequestValidationException when reading body or namevalueCollection values (#6185)
[ASM] Fix issue with waf disposing while it might concurrently be updating (#6250)
[ASM] Serialize ASM tags and metrics (#6272)
[ASM] Fix benchmarks AppSecBodyBenchmarks: have a trace context to avoid null reference exceptions (#6274)
[ASM] IAST: Add web form tests (#6276)
[ASM] iast: Fix Microsoft.Data.Sqlite database tainting (#6295)
[IAST] Minor cleanup in IAST aspects (#6293)
[IAST] Updated CallSite IL Dump (#6240)

Continuous Profiler

[Profiler] CPU profiler: Check if the stackwalk lock was not already taken (#6198)
[Profiler] Prevent StackSamplerLoop from crashing at shutdown (#6238)
[Profiler] Add metrics for cpu and walltime profilers (#6267)
[Profiler] Fix crash at shutdown with the timer_create-based CPU profiler (#6268)

Debugger

[Dynamic Instrumentation] DEBUG-2916 Stabilize the probe processor (#6077)
[Dynamic Instrumentation] DEBUG-3088 Add object pool (#6105)
[Dynamic Instrumentation] DEBUG-2913 Fix runtime reflection exceptions when getting field value (#6078)
[Dynamic Instrumentation] DEBUG-2602 Collection expressions fixes (#6087)
... (truncated)

3.5.0 Summary

Add support for Ready2Run and NGen behaviour with manual instrumentation
Fix for IIS apps using CustomConfigurationBuilder with multiple apps in a pool
[DBM] Fix DBM bugs (pgssql query plan hints ignored, DbDataSource issues, missing Transaction scope)
[ASM] Only run RASP file operations on read operations
Fix Remote Configuration values should be 64-bit not 32-bit

Changes

Tracer

Make DD_TRACE_<INTEGRATION>_ENABLED Case Insensitive (#6175)
Baggage part 1/3: change propagator signatures (#6157)

CI Visibility

[CI Visibility] Fix errors detected from error tracking. (#6222)

ASM

[ASM] remote configuration refactoring and simplifying updates (#6179)
[ASM] Add rules version to all spans when ASM enabled (#6188)
[ASM] Fix possible null reference exception in extracting headers (#6211)
[ASM] Update ruleset to version 1.13.2 (#6218)
[ASM] Restrict RASP Lfi operations to read operation only (#6221)

Continuous Profiler

[Profiler] Make LibrariesInfoCache standalone (#6019)
[Profiler] Make sure we log only once for DebugInfoStore errors (#6187)
[Profiler] Improve EtwEventsManager cleanup (#6189)
[Profiler] Fix bugs in the timer_create-based CPU profiler (#6229)

Fixes

Add workaround for ASP.NET ConfigBuilder issue (#6147)
Reject method NGEN image if there's a rejit request for that method. (#6184)
Revert "Load the tracer/profiler after guardrails checks" (#6200)
[DBM][fix] Do not prepend DBM injected comment when a pg plan hint is present (#6204)
move all RC int values to long, to mirror RC backend (#6219)
Fix InvalidOperationException in DBM propagation (#6233)

Build / Test

[ASM] Fix TestExternalWafHeaders snapshot netcore 2.1 (#6202)
[Test Package Versions Bump] Updating package versions (#6150)
Inject startup hook preferentially into static constructor when available (#6154)
add new integrations system tests scenario (#6177)
Fix typo in create_draft_release.yml (#6194)
Fix using the wrong pool for smoke tests (#6196)
Pin Azure Functions version used in CI to get the integration tests running (#6203)
[Test Package Versions Bump] Updating package versions (#6206)
Fix some build warnings in sample apps (#6207)
Fix IIS LoaderOptimisation tests not testing anything (#6209)
Update CosmosDb snapshots (#6213)
... (truncated)

3.4.1 Summary

Fix a crash when .NET Framework and .NET Core run in the same process, which can typically happen when using IIS an ".NET CLR Version" is not set to "No Managed Code". May also affect applications running in Azure App Service.

Changes

Fixes

Revert "Load the tracer/profiler after guardrails checks" (#6200)

Changes since 3.4.0

3.4.0

[!WARNING]
We've identified a bug in version 3.4.0 only that can crash applications that run .NET Framework and .NET Core in the same process, which can typically happen when using IIS. Please ensure you update to 3.4.1.

If you're using .NET Core in IIS, make sure to set ".NET CLR Version" to "No Managed Code" in the application pool settings, as described in the Microsoft documentation.

Summary

[Tracing] Add ability to disable additional ADO.NET Command Types using DD_TRACE_DISABLED_ADONET_COMMAND_TYPES
[Tracing] Add support for 3.x.x of log4net
[CI Visibility] Automatic Test Retries
[CI Visibility] Add support for session logical names
[CI Visibility] Add extra tags for vcpu_count and in GitHub Action pull_requests runs
[ASM] Enable API Security feature by default
[ASM] Add support for attacker fingerprinting
[ASM] Add support for suspicious attacker blocking
[Continuous Profiler] Fix potential deadlock between watcher and sampler threads
[Continuous Profiler] Improve performance for CPU profiler
[Serverless] Add EventBridge and 128-bit trace ID support
[DBM] Ensure context injection does not affect DBM injection

Changes

Tracer

[Tracer] Set _dd.base_service tag whenever a span's service name is different than the default value (DD_SERVICE) (#5502)
Add ability to disable additional ADO.NET Command Types (#6042)
Add support for 3.* of log4net (#6075)
[APMAPI-473] Making DD_HTTP_*_ERROR_STATUSES Config Keys Consistent (#6095)
Subscribe to AssemblyLoadContext.Default.Resolving (#6148)
Fix return value on error in delegate instrumentation (#6153)
Add support for the "new" dev.azure.com style URLs in SourceLink URL parsing logic (#6159)
Include pID in managed logs filename (#6161)
Ensure we don't throw a null reference exception in Manual instrumentation (#6169)

CI Visibility

[CI Visibility] Test session logical names (#6050)
[CI Visibility] Add vcpu_count tag to tslv events (#6055)
[CI Visibility] Automatic Test Retries (#6061)
[CI Visibility] Avoid failing unfinished tests (#6063)
[CI Visibility] Add support for MSTest 3.6.0 (#6080)
[CI Visibility] Hide running command by default. (#6086)
[CI Visibility] Fix code coverage enabled tag behavior (#6111)
[CI Visibility] Add extra tags to GitHub Action pull_requests runs (#6141)
[CI Visibility] Ensure commit messages are trimmed (#6170)

ASM

[ASM] Segregate asm and iast contexts functionality (#6118)
[ASM] Delete unused snapshots (#5758)
[ASM] Attacker fingerprint (#5982)
[ASM] Fix exception when accessing ReportedExternalWafsRequestHeaders (#6030)
[ASM] Activate api sec by default (#6043)
... (truncated)

3.3.1 Summary

Fixes a bug introduced in 3.3.0 in which attempting to run some commands (e.g. cat) in some distros would give the error symbol lookup error: /opt/datadog/continuousprofiler/Datadog.Linux.ApiWrapper.x64.so: undefined symbol: dlsym

Changes

Continuous Profiler

Fix dlsym issue (#6048)

Changes since 3.3.0

3.3.0

[!WARNING]
We've identified a bug with the .NET Tracer with the Continuous Profiler enabled that may cause applications to crash - please avoid 3.3.0 and instead use 3.2.0 for the time being. We are working on a hotfix for this ASAP.

Summary

[ASM] Fix some minor bugs (#5943, #5955, #6017)
[ASM] Improvements to stack trace reporting (#6011, #5997)
[Dynamic Instrumentation] Add support for typeof expression
[Continuous Profiler] Add support for heuristic-based activation (#5240, #6002, #6026)
[DBM] Full propagation mode for SQL Server (#5859)

Changes

ASM

[ASM] Avoid unhandled HttpRequestValidationExceptions (#5943)
[ASM] Avoid reporting unknown matcher WAF errors (#5955)
[ASM] RASP: add telemetry tag for shell injection (#5993)
[ASM] Add new capabilities for RC (#6008)
[ASM] Change stack trim proportion (#6011)
[ASM]Fix InvalidOperationException in httpContext.Items (#6017)
[ASM] Capabilities reporting against WAF versions. (#6028)
[IAST] Add Stack trace to vuln location (#5997)
[IAST] Fix system test weak_cipher system test (#6034)

Continuous Profiler

[Profiler] Support Single Step Instrumentation deployment and activation (#5240)
[Profiler] Contention profiling: add blocking thread name (#5981)
[Profiler] Fix duplicated lifecycle telemetry (#6002)
[Tool] update continuous profiler diagnostics (#6014)
[Profiler] Disable timer_create-based CPU profiler when required (#6015)
[Profiler] Send ssi info with profiles (#6026)

Debugger

[Dynamic Instrumentation] DEBUG-2323 Add support for typeof expression in EL (#5539)

Build / Test

[Profiler] Disable SSI telemetry by default (#6020)
Fix SSI tests for profiler integration tests (#6016)
[Profiler/CI] Disable Profiler Windows ASAN job (#5987)
Add explicit permissions to all workflows (#5728)
[Test Package Versions Bump] Updating package versions (#5873)
[build] Build tracer with ReadyToRun (#5962)
Display the crash tests stdout live (#5964)
Timeit bump and fixes (#5971)
Add linux-musl-arm64 standalone dd-trace to the v3 release artifacts (#5974)
[CONTSEC-1501] Comment the action that uploads SARIF to Datadog (#5977)
Include snapshot diff in snapshot body (#5988)
Make sure we run all the TFMs on master builds (#5990)
Minor CI fixes (#6000)
Fix installer tests (#5994 => main) (#6004)
... (truncated)

3.2.0 Summary

This is the first stable release of the next major version of the .NET APM SDK.

The following are the high-level changes present in the 3.x.x release line compared to 2.x.x. These include breaking changes in public APIs, changes in artifacts, and changes to default settings.

For the full list of changes, including exactly what changed and how you should handle them, please see the MIGRATING document

New Features

Support for alpine images on ARM64. alpine images with version 3.18 and above, running on ARM64 images are now supported on .NET 6+.

Breaking changes

Custom-only tracing (using the Datadog.Trace NuGet package), without any automatic tracing, is no longer supported. Custom instrumentation with the Datadog.Trace NuGet where you have also configured automatic-instrumentation is still supported as it was in v2.x.x.
The public API surface has changed in the Datadog.Trace NuGet package. A number of previously obsolete APIs have been removed, and some other APIs have been marked obsolete. Most changes are related to how you create TracerSettings and Tracer instances.
Changes to default settings. The default values of some settings have changed, and others have been removed. See below for more details.
Changes in behavior. The semantic requirements and meaning of some settings have changed, as have some of the tags added to traces. See below for more details.
The 32-bit MSI installer will no longer be available. The 64-bit MSI installer already includes support for tracing 32-bit processes, so you should use this installer instead.
The client library will still be injected when DD_TRACE_ENABLED=0. In v2.x.x, setting DD_TRACE_ENABLED=0 would prevent the client library from being injected into the application completely. In v3.0.0+, the client library will still be injected, but tracing will be disabled.
Referencing the Datadog.Trace.AspNet module is no longer supported. In v1.x.x and 2.x.x ASP.NET support allowed adding a reference to the Datadog.Trace.AspNet module in your web.config. This is no longer supported in v3.x.x.

Deprecation notices

.NET Core 2.1 is marked EOL in v3.0.0+ of the tracer. That means versions 2.0, 2.1, 2.2 and 3.0 of .NET Core are now EOL. These versions may still work with v3.0.0+, but they will no longer receive significant testing and you will receive limited support for issues arising with EOL versions.
Datadog.Trace.OpenTracing is now obsolete. OpenTracing is considered deprecated, and so Datadog.Trace.OpenTracing is considered deprecated. See the following details on future deprecation.
macOS 11 is no longer supported for CI Visibility in v3.0.0+. Only macOS 12 and above are supported.

Major version policy and future deprecation

Announcing a major version roadmap. We intend to make yearly major releases, starting from v3.0.0 in 2024, and v4.0.0 in 2025. We will aim for minimal breaking changes, with the primary focus being on maintaining support for new versions of .NET and removal of EOL frameworks and operating systems.
Planned removal of support for .NET Core 2.x and .NET Core 3.0 in version v4.0.0+. We intend to completely remove support for .NET Core 2.x and .NET Core 3.0 in v4.0.0. .NET Framework 4.6.1+ will continue to be supported.
Planned removal of support for some linux distributions. In version v4.0.0, we intend to drop support for CentOS 7, RHEL 7, and CentOS Stream 8.
Planned remove of support for App Analytics. In version v4.0.0, we intend to drop support for App Analytics and associated settings.

For the full list of changes, including exactly what changed and how you should handle them, please see the MIGRATING document

Updates in this release

In addition to the changes described above, this release includes the following features:

[Tracer] Skip inserting the startup hook into methods in the type Costura.AssemblyLoader (#5910)
[Tracer] Fix bug in ADO.NET connection string extraction #5949
[Exception Replay] Update configuration values #5821
[IAST] Taint values coming from database (#5804)
[IAST] Allow customized cookie filtering (#5804)
[ASM] RASP shell injection vulnerability (#5871)
[Profiler] Provide the thread id that blocked another thread (#5959)

Changes

Tracer

[Tracer] Skip inserting the startup hook into methods in the type Costura.AssemblyLoader (#5910)
Add support for alpine on arm64 (#5933)
... (truncated)

3.1.0-prerelease

Summary

This is the second pre-release of the next major version of the .NET APM SDK.

[ASM] Changes to the collection of usr.id for authenticated clients

ASM’s Account TakeOver (ATO) detection is now automatically monitoring all compatible user authentication frameworks to detect attempted or leaked user credentials during an ATO campaign.
To do so, the monitoring of the user activity is extended to now collect all forms of user IDs, including non-numerical forms such as usernames or emails. This is configurable with 3 different working modes: identification to send the user IDs in clear text; anonymization to send anonymized user IDs; or disabled to completely turn off any type of user ID collection (which leads to the disablement of the ATO detection).
The default collection mode being used is identification and this is configurable in your remote service configuration settings in the service catalog (clicking on a service), or with the service environment variable DD_APPSEC_AUTO_USER_INSTRUMENTATION_MODE.
You can read more here

[ASM] IAST Email HTML Injection vulnerability
[Dynamic Instrumentation] Support nullable types in templates and string lexicographic comparison
[Dynamic Instrumentation] SymDb readiness for Open Beta, matching symbols based on signature
[Exception Replay] Normalized exception hashing for more fine-grained aggregation

In addition, the following are the high-level changes present in the 3.x.x release line compared to 2.x.x. These include breaking changes in public APIs, changes in artifacts, and changes to default settings.

For the full list of changes, including exactly what changed and how you should handle them, please see the [MIGRATING](https://github.com/DataDog/dd-trace-dotnet/blob/master/docs/MIGRAT....

Description has been truncated

Bumps Datadog.Trace.Bundle from 2.56.0 to 3.26.0 Bumps Google.Cloud.Functions.Hosting from 2.0.0 to 3.0.1 Bumps Serilog from 4.1.0 to 4.3.0 Bumps Serilog.Sinks.File from 6.0.0 to 7.0.0 --- updated-dependencies: - dependency-name: Datadog.Trace.Bundle dependency-version: 3.26.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dotnet-dependencies - dependency-name: Google.Cloud.Functions.Hosting dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dotnet-dependencies - dependency-name: Serilog dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dotnet-dependencies - dependency-name: Serilog.Sinks.File dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dotnet-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added .NET Pull requests that update .NET code dependencies Pull requests that update a dependency file labels Sep 8, 2025

dependabot bot requested a review from a team as a code owner September 8, 2025 21:09

dependabot bot added dependencies Pull requests that update a dependency file .NET Pull requests that update .NET code labels Sep 8, 2025

This was referenced Sep 8, 2025

Bump Serilog and Serilog.Sinks.File #43

Closed

Bump Google.Cloud.Functions.Hosting from 2.0.0 to 3.0.1 #44

Closed

Bump Serilog from 4.1.0 to 4.3.0 #45

Closed

nhulston approved these changes Sep 8, 2025

View reviewed changes

nhulston merged commit 79047cb into main Sep 8, 2025
1 check passed

nhulston deleted the dependabot/nuget/cloud-run-functions/dotnet/dotnet-dependencies-d1965b128b branch September 8, 2025 21:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dotnet-dependencies group with 4 updates #56

Bump the dotnet-dependencies group with 4 updates #56

Uh oh!

dependabot bot commented on behalf of github Sep 8, 2025 •

edited by atlassian bot

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump the dotnet-dependencies group with 4 updates #56

Bump the dotnet-dependencies group with 4 updates #56

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 8, 2025 • edited by atlassian bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

3.26.0

Summary

Changes

Tracer

ASM

Continuous Profiler

Serverless

Fixes

Build / Test

3.25.0

Summary

Changes

Tracer

Continuous Profiler

Debugger

Serverless

ASM

Fixes

Build / Test

3.24.1

Summary

Changes

Misc

3.24.0

Summary

Changes

Tracer

CI Visibility

ASM

Debugger

Serverless

Data Streams Monitoring

Build / Test

3.23.0

Summary

Changes

Tracer

CI Visibility

ASM

Continuous Profiler

Fixes

Miscellaneous

Build / Test

3.22.0

Summary

Changes

Tracer

CI Visibility

ASM

Continuous Profiler

Debugger

Serverless

Miscellaneous

3.21.0

Summary

Changes

Tracer

CI Visibility

ASM

Continuous Profiler

Debugger

Serverless

Fixes

Build / Test

3.20.1

Summary

Changes

Continuous Profiler

Miscellaneous

Build / Test

3.20.0

Summary

Changes

Tracer

dependabot bot commented on behalf of github Sep 8, 2025 •

edited by atlassian bot

Loading