Releases: DataDog/dd-trace-php
Releases · DataDog/dd-trace-php
Release list
1.22.0
Note
This release adds experimental heap live profiling to the profiler. This is off by default. Enable it with the environment variable DD_PROFILING_EXPERIMENTAL_HEAP_LIVE_ENABLED =1 or INI setting datadog.profiling. experimental_heap_live_enabled =1.
Tracer
Fixed
- Fix
SpanStack::$activeunset corruption #3962 - Fix sandbox not saving/restoring
jit_trace_num#3964 - Fix
SpanStackstate corruption when tracing objects with deep clone operations #3976 - Fix
request_execbeing issued between requests #3939 - Fix Azure Functions instance name resolution DataDog/libdatadog#2077
- Fix remote config
tracing_sample_ratemissing/null deserialization DataDog/libdatadog#2102
Internal
- Fix crashtracker metadata: correctly distinguish JIT disabled vs opcache disabled, and correct system INI classification #3965
- Use libdatadog's CSS trace filter implementation, aligning filtering behavior with the agent #3986, DataDog/libdatadog#1985
- Add configurable sidecar connection retry interval #3977, DataDog/libdatadog#2106
- Emit
_dd.svc_srcspan tag per Service Override Source Attribution RFC #3948 - Fix duplicate span serialization in the sidecar DataDog/libdatadog#2107
Profiling
Added
- Add trampoline for frameless functions (FLF) to correctly capture timings on aarch64 and x86_64 #3595
- Add experimental heap-live profiling for memory leak detection, enabled via
DD_PROFILING_EXPERIMENTAL_HEAP_LIVE_ENABLED(requires allocation profiling to be active) #3623
Fixed
- Fix profiler crashes and hangs: stderr fd leak (
O_CLOEXECmissing) causing child processes to hang, NULL file dereference in timeline error observer on PHP 8.0, and async signal delivery to helper threads causing a segfault on ZTS builds #3364 - Fix macOS release builds for the profiler #3987
Internal
- Replace
lazy_staticwithstd::sync::LazyLockand optimizeSapi/RefCellExt#3990 - Simplify profiler name/version string constants to compile-time values #3998
AppSec
Changed
- Enable Rust helper by default for all PHP versions (can be disabled with
DD_APPSEC_HELPER_RUST_REDIRECTION=false) #3991
Internal
1.21.0
All products
Changed
- The sidecar is now always spawned unconditionally, regardless of configuration #3912
Internal
- Bump Rust MSRV to 1.87 #3926
Tracer
Added
- Add PHP feature flag evaluation including evaluation metrics via OTLP #3906, #3909, #3910, #3911
- Add
dynamic_serviceDBM propagation mode as a convenience alias forservicemode with base hash injection; this mode will replaceserviceon the long term #3940 - Add
DD_DBM_ALWAYS_APPEND_SQL_COMMENTto unconditionally append SQL comments in DBM regardless of sampling #3954 - Recognize PCF Garden container IDs for Cloud Foundry deployments DataDog/libdatadog#2025
Fixed
- Fix remote config not being delivered after forking #3958
- Fix span pointer invalidation crash during inferred span serialization with
DD_TRACE_INFERRED_PROXY_SERVICES_ENABLED#3934 - Fix buffer overflow in autoload path construction for oversized class/path names #3932
- Fix Swoole integration parsing the POST body regardless of
DD_TRACE_HTTP_POST_DATA_PARAM_ALLOWED#3931 - Guard JIT blacklist rewrite to prevent crashes with non-tracing JIT metadata #3929
- Fix OTel polyfill post hooks with
:voidreturn type overwriting the instrumented function's actual return value #3920 - Fix span stats broken for nested services due to incorrect
top_levelspan detection #3916 - Fix
php.compilation.total_time_msreporting values 1000x too large (microseconds labeled as milliseconds) #3915 (thank you @dortort!) - Fix memory corruption of INIs in ZTS builds #3898
- Fix data race in curl header assignment (non-atomic write to
_Atomicfield) #3945 - Fix sample rate normalization to 0..1 range, preventing incorrect Knuth hash computation #3935
- Fix multi-request failures caused by incorrect rinit ordering after tracer/ext split #3946
Internal
- Split the tracer code into a separate
tracer/directory within the extension #3912 - Improve crashtracker reliability: socket-based thread collection, incomplete stack handling, and
language:nativetag DataDog/libdatadog#2080, DataDog/libdatadog#2079, DataDog/libdatadog#2083
Profiling
Fixed
- Fix macOS release builds for the profiler #3923
Internal
- Support PHP DEBUG builds for the profiler, enabling ASAN testing in CI #3908
AppSec
Added
- Collect
x-datadog-endpoint-scanandx-datadog-security-testsecurity testing headers as span tags on HTTP entry spans, independent ofDD_TRACE_HEADER_TAGSand AppSec enablement #3925
Fixed
- Fix out-of-bounds iteration in PHP <8.1 backtrace
HashTableloop in the AppSec backtrace collection path #3933
1.20.0
All products
Fixed
- Properly reset SSI loader global state on shutdown to cleanly support reloading #3881
Internal
- Spawn the sidecar via dynamic linker instead of trampoline #3869
Tracer
Added
- Add support for OpenTelemetry logs (
DD_LOGS_OTEL_ENABLED=true, disabled by default) #3748
Changed
- Crashtracking now collects stack traces from all threads at the moment of a crash #3866
Fixed
- Fix NULL dereference crash in ZTS mode during sidecar/telemetry shutdown #3886
- Ensure remote config processing happens strictly after request initialization #3882
- Strip libpq-style paired quotes from PostgreSQL
dbnameDSN value in PDO integration #3885 - Fix use-after-realloc crash in tracestate formatting #3874
Profiling
Fixed
- Prevent panics in profiling encoding under out-of-memory and out-of-bounds conditions #3888
AppSec
Added
- Add AppSec integrations to Laminas Framework (http.route, endpoint collection, login events) #3716
Changed
- Update recommended ruleset to v1.18.0, adding Stripe and LLM endpoint detection rules #3859
Fixed
- Treat cleared shared memory as no-config rather than an error in AppSec helper #3876
- Avoid the possibility of sensitive data going to the telemetry logs backend via WAF strings #3884
Internal
1.19.2
Tracer
Changed
- Restrict the accepted amount of extracted tags and baggage #3854
Fixed
- Fix parentId refcount underflow #3851
- Fix SpanStack active reference corruption #3853
- Retry FFI telemetry batches when session config not yet available DataDog/libdatadog#1929
- Fallback to ftruncate if fallocate gets EPERM DataDog/libdatadog#1938
1.19.1
Tracer
Fixed
- Fix catastrophic backtracking in PDO integration #3848 - thanks for reporting @Strentz-Paul
1.19.0
Warning
This version has catastrophic backtracking in the PDO Integration. Please use 1.19.1 instead.
All products
Fixed
- Fix critical ZTS race condition in INI value refcounting that caused use-after-free crashes under concurrent load #3832
- Ensure a unique installation directory to avoid conflicts with other tools #3835
Tracer
Added
- Implement client-side stats computation using shared memory for zero-copy stats delivery, with fallback to socket on first payloads #3756, #3811, #3815, #3836
Changed
- Use a webserver-wide session ID for sidecar instead of per-fork session IDs, and propagate it to child processes via environment #3828, #3838
Fixed
- Fix ZTS race condition in
process_tags.serializedrefcounting on shared inter-thread string #3831 - Fix dynamic instrumentation installation regression when enabling via dynamic config #3843
- Handle
APM_MULTI_CONFIGremote configuration and fix missing data for exception replay #3791 - Fix duration of httpstream and live debugger spans being incorrectly reported as zero #3821
- Fix
instanceoftype aliases for PHP 7.x in live debugger DSL (integer/doublevsint/float) #3813 - Obfuscate
:nameplaceholder parameters in PDO queries for correct DBM correlation #3801 - Fix locale settings breaking ksr resolution #3797 (thank you @jdmaguire for the report!)
- Fix exception in PDO::__construct when signals arrive during database connection setup #3841
- Fix infinite loop in crashtracker runtime stack collection #3845
- Fix Request::get() removal in Symfony 8 #3809 - thanks for the fix @TomBrouws!
Internal
- Add timeout to sidecar info fetcher DataDog/libdatadog#1890
- Allow sidecar worker to be stopped cleanly after fork DataDog/libdatadog#1893
- Use a dedicated sidecar connection per PHP thread, reducing lock contention and enabling per-thread request queuing #3770
- Emit environment variable names in telemetry config (e.g.,
DD_TRACE_GENERATE_ROOT_SPAN) instead of INI dot notation #3783 - Default crash report upload to errors intake to be enabled DataDog/libdatadog#1902
- Flush telemetry on anticipated sidecar shutdown to avoid data loss for short-lived sidecars #3806
- Skip sending empty telemetry payloads DataDog/libdatadog#1894
- Wire telemetry extended heartbeat interval through sidecar SessionConfig DataDog/libdatadog#1882, #3800
Profiling
Added
- Support generator unwinding in stack traces #3807
AppSec
Fixed
- Fix Remote Config regression in Rust helper #3840
- Fix double-logging of broken connections as errors and improve connection error handling in Rust helper #3792, #3803
Internal
1.18.0
All products
Internal
- Update and shrink build images, migrate to clang 19 #3771
Tracer
Added
- Support ApmTracingMulticonfig in dynamic config #3773
Fixed
- Improve Symfony http.route resolution performance #3779 (thank you @B-Galati for the report!)
- Wrap PDO::__construct for signal handling #3786
Internal
- Fix spawn_worker trampoline issues DataDog/libdatadog#1844
AppSec
Added
- Enable rust helper on PHP 8.5 #3780 (can be disabled with
DD_APPSEC_HELPER_RUST_REDIRECTION=false)
1.17.1
All products
Fixed
- Fix SSI crashing on apache reload; add SSI int tests for appsec #3724, #3733
- Fix entity_id handling for Podman cgroupns=host cgroup path DataDog/libdatadog#1828
Internal
Tracer
Fixed
- Fix _dd.p.ksr scientific notation for very small sampling rates #3721
- Fixed shell_exec() null return being interpreted as error #3723
- Batch endpoint collection & remove Wordpress Endpoint collection #3764
- Fix sidecar performance by batching ack sending & consumption DataDog/libdatadog#1835
Profiler
Fixed
- Fix crash due to AAS getenv #3746
Internal
- Update libdatadog to v30.0, make CA root optional for profiling #3758
1.17.0
Warning
This version may have performance issues with Symfony, Laravel or Wordpress. Please use 1.17.1 instead.
All products
Changed
- Cache system getenv calls for improved request initialization performance #3670
Fixed
- Fix zombie creation in loader #3683
Internal
Tracer
Added
- Collect framework endpoints for Symfony, Laravel, and WordPress #3548
- Add sidecar thread mode as fallback connection for restricted environments #3573
- Add process_tags #3580, #3582, #3627, #3658, #3706, #3709
- Add
_dd.p.ksrpropagated tag for Knuth sampling rate #3701 - Add container tags support for DBM correlation #3708
Changed
- Optimize Symfony http.route caching with path map approach #3676
- Change the sidecar communication protocol #3695, DataDog/libdatadog#1742
Fixed
- Poll for new remote config after unblocking SIGVTALRM #3717
- Fix crash during shutdown in FrankenPHP #3662
- Fix possible race condition leading to crash on sidecar reconnect in ZTS mode #3655
- Fix possible crash in end hook of traced closure #3624
- Fix hook is_internal being backwards #3625
- Enforce span limit in curl_multi_exec and DDTrace\start_span code paths #3691
- Prevent dangling tracked_streams #3689
- Fix debugger ephemerals handling for nested log probes #3685
- Block sidecar notification signal during sleep to prevent premature wakeup #3656
- Fix sidecar permission denied with IIS AppPools DataDog/libdatadog#1776
- Cleanup limiters on sidecar shutdown DataDog/libdatadog#1659
- Fix function and type name ordering in debugger DataDog/libdatadog#1715
Profiler
Added
- Add I/O profiling support for macOS #3648
- Add process_tags to profiler uploader #3609
- Improve time sample accuracy by also gathering during allocation samples #3559
Fixed
- Store and restore errno in I/O profiling wrappers #3654
Internal
- Add internal metrics for profiling overhead #3616
- Avoid copy of function name when already UTF-8 encoded #3700
- Use libdd-profiling's ThinStr for function names #3631
- Shrink maximum file and function name length to 16,383 characters #3712
- Refactor ErrnoBackup::new is safe #3659
- Remove once_cell as a dependency #3607
AppSec
Added
Changed
- Revert DD_APPSEC_ENABLED to runtime config #3598
Fixed
- Send response headers on meta even without event #3653
Internal
1.16.0
All products
Fixed
- Fix packaging apks for new alpine versions #3555
- Fix http_response_header deprecation in installer #3553
Tracer
Added
- Support OpenTelemetry Metrics #3487
- Adds process_tags to the first span of each tracing payload #3566
- Distributed tracing header injection in HyperF/Swoole environments #3544
- Stream context integration with HTTP method #3534
Changed
- Enable http.endpoint calculation when appsec is explicitly enabled #3556
Fixed
- Fix panic after bailout in previous request #3537
- Avoid curl_getenv for unix:// too #3540
- Correct a bug on prepared statement regarding DBM correlation #3545
- Fix onclose in cycle collected spans #3587
- prefer poll() for channel DataDog/libdatadog#1443
- AWS lambda also can return EACCESS for shm_open DataDog/libdatadog#1446
Internal
- bump libdatadog to v25.0.0 #3568
Profiler
Changed
- Optimise allocation profiling for PHP >= 8.4 #3550
Fixed
- Fixed bindgen compatibility with PHP 8.5.1+ on macOS #3583
- Fixed SystemSettings initialization #3579
- Fixed UB and simplify SystemSettings #3578
- Fixed crash in upload for DD_EXTERNAL_ENV #3576
- Fixed crash in ddtrace_get_profiling_context #3563
- Check long string before allocating #3561
- Fixed incompatibility with ext-grpc #3542
- Revert unsafe optimization in memory profiling #3541
- Cap dependency name length to copied bytes #3538
Internal
AppSec
Added
- Reduce cardinality of helper.connection_* #3586
- Added fallback on http.endpoint for schema sampler #3557
Fixed
- Use abstract namespace on linux #3525