build(deps): bump ddtrace from 2.2.0 to 2.3.1

[dependabot]

Bumps ddtrace from 2.2.0 to 2.3.1.

Release notes

Sourced from ddtrace's releases.

2.3.1

Bug Fixes

• propagation: This fix resolves an issue where a Context generated from extracted headers could lack a span_id or trace_id, leading SpanLink encoding errors.

2.3.0

New Features

• propagation: 128-bit trace ids are now used by default for propagation. Previously the default was 64-bit. This change is backwards compatible with tracers that still use 64-bit trace ids and should not cause any breaking behavior.
• dsm: Adds DSM pathway.hash tag to spans when DSM is enabled. This allows traces from the instrumented service to show up in the DSM traces tab.
• propagation: When the tracer is configured to extract and inject tracecontext, the tracer will propagate the tracestate values from other vendors so long as the traceparent trace-id matches the first found trace context, regardless of propagator configuration order. To disable this behavior DD_TRACE_PROPAGATION_EXTRACT_FIRST=true can be set.
• opentelemetry: Map reserved OpenTelemetry attributes to Datadog span model.
• opentelemetry: datadog operation name from semantic conventions
• propagation: If a valid context is extracted from headers, and the following extracted trace context's trace_ids do not match the valid context's, then add a span link to the root span to represent the broken propagation.
• tracing: This change treats spans that terminated with sys.exit(0) as successful non-error spans.
• tracing: This introduces the DD_TRACE_SPAN_TRACEBACK_MAX_SIZE environment variable, allowing the maximum size of tracebacks included on spans to be configured.

Bug Fixes

• CI Visibility: fixes the fact that the GITHUB_SERVER_URL environment variable was not being sanitized for credentials

• dynamic instrumentation: Needs to update the pubsub instance when the application forks because the probe mechanism should run in the child process. For that, DI needs the callback as the method of an instance of Debugger, which lives in the child process.

• CI Visibility: Fixes an issue where a ValueError was raised when using different path drives on Windows

• build: Fixes an issue where ddtrace could not be installed from source when using setuptools>=69 due to a change in the license field.

• tracing: Fixes an issue where the thread responsible for sending traces is killed due to concurrent dictionary modification.

• Vulnerability Management for Code-level (IAST): Generates cookies vulnerabilities report if IAST is enabled. Before this fix, Cookies vulnerabilities were only generated if both IAST and Appsec were enabled.

• Vulnerability Management for Code-level (IAST): This fix resolves an issue where, at AST patching to replace code with IAST aspects, passing the original function/method as an extra parameter for accurate patching unintentionally triggers side effects in methods obtained from an expression (like decode in file.read(n).decode()), resulting in unexpected multiple calls to the expression (file.read(n) in the example).

• Vulnerability Management for Code-level (IAST): This fix eliminates some reference leaks and C-API usage when IAST reports a vulnerability and calls get_info_frame.

• kafka: This fix resolves an issue where calls to confluent_kafka's produce method with key=None would cause an exception to be raised.

• tracing: This fix resolves an issue where ddtrace's signal handlers could cause Flask apps not to respond correctly to SIGINT.

• lambda: This change disables the use of multiprocessing.queue in Lambda, because it is not supported in Lambda

• logging: A log handler is automatically added to the ddtrace logger upon ddtrace import, when not using ddtrace-run. This can lead to duplicate logging if users add additional loggers and do not explicitly modify the ddtrace logger. This fix adds a feature flag that can be used to toggle this behavior off DD_TRACE_LOG_STREAM_HANDLER which defaults to true.

• structlog: Fixes TypeError raised when ddtrace log processor is configured with a tuple

2.3.0rc1

New Features

• dsm: Adds DSM pathway.hash tag to spans when DSM is enabled. This allows traces from the instrumented service to show up in the DSM traces tab.
• opentelemetry: Map reserved OpenTelemetry attributes to Datadog span model.
• opentelemetry: datadog operation name from semantic conventions
• propagation: 128-bit trace ids are now used by default for propagation. Previously the default was 64-bit. This change is backwards compatible with tracers that still use 64-bit trace ids and should not cause any breaking behavior.
• propagation: When the tracer is configured to extract and inject tracecontext, the tracer will propagate the tracestate values from other vendors so long as the traceparent trace-id matches the first found trace context, regardless of propagator configuration order. To disable this behavior DD_TRACE_PROPAGATION_EXTRACT_FIRST=true can be set.
• propagation: If a valid context is extracted from headers, and the following extracted trace context's trace_ids do not match the valid context's, then add a span link to the root span to represent the broken propagation.
• tracing: This change treats spans that terminated with sys.exit(0) as successful non-error spans.
• tracing: This introduces the DD_TRACE_SPAN_TRACEBACK_MAX_SIZE environment variable, allowing the maximum size of tracebacks included on spans to be configured.

Bug Fixes

... (truncated)

Commits

• ebc88ae fix(propagation): check for span_id and trace_id before creating span link [b...
• 39e71ee docs: fix release note for #7612 [backport 2.3] (#7710)
• b38d4d2 docs: fix readthedocs build [backport 2.3] (#7719)
• 80f3264 chore(rcm): payload logging (#7603)
• 1656e7d fix(tracer): fix multiprocessing queue on aws lambda (#7612)
• 0cfc263 fix(structlog): appends to default_processors via list to avoid TypeError (...
• ac29fa3 ci(opentelemetry): pin cattrs and otel-flask-instrumentation (#7682)
• f86bfd2 fix(setuptools): update deprecated license format (#7684)
• 2bd99af chore: deduplicate and abstract some bits of the release script (#7592)
• 80bf6a9 fix(asm): fix config in api_manager (#7678)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)