3.7.0

Summary

• [IAST] Extend stored XSS to cover more databases
• [IAST] Support of DefaultInterpolatedStringHandler
• [Tracer] Add support for HotChocolate 14.x.x, GraphQL.NET 8.x.x, Aerospile.Client 8.x.x, MongoDB 3.0.0, and NpgSQL 9.x.x
• [Tracer] Fix runtime-metrics thread count
• [CI Visibility] Improve support for MSTest

Changes

Tracer

• Add Support for GraphQL HotChocolate v14 (#6248)
• Add support for Graph.NET v8 (#6423)
• Add support for Aerospike.Client v8 (#6424)
• Add support for mongodb v3 (#6354)
• Update npgsql to support 9.x.x (#6350)
• Filter out dead threads in runtime metrics (#6298)
• Fix bug in manual instrumentation (#6330)
• Bail out if we're in a no-dynamic-code scenario (#6362)
• Remove settings snapshot generator (#6370)
• Ducktype instance type check (#6373)
• Remove old generated public APIs (#6376)
• Add try catch on shutdown (#6378)
• Simplify duplication in IConfigurationSource (#6386)
• Make more integration settings case insensitive (#6393)
• Update config-in-code manual instrumentation to use an IConfigurationSource (#6397)
• Remove the vendored arraypool eventsource (#6398)
• Make DirectLogSubmissionSettings properly immutable and remove ImmutableDirectLogSubmissionSettings (#6400)
• Make IntegrationSettings properly immutable and remove ImmutableIntegrationSettings (#6405)
• Make ExporterSettings properly immutable and remove ImmutableExporterSettings (#6408)
• Validate data before EnumNgenModuleMethodsInliningThisMethod call (#6410)
• Make TracerSettings properly immutable and remove ImmutableTracerSettings (#6415)
• [Tracer] Fix git metadata retrieval (#6444)
• [dd-dotnet] Catch error when failing to read env vars on IIS (#6430)

CI Visibility

• [CI Visibility] Fix MSTest integrarion bug (#6336)
• [CI Visibility] Specify if the user is setting the DD_SERVICE (#6348)
• [CI Visibility] Adding nullability checks (#6374)
• [CI Visibility] Use same number of execution in EFD tests (#6416)
• [CI Visibility] Set TracerSettings using a configuration source instead of mutating (#6399)

ASM

• [ASM] Native CallTarget definitions (#6252)
• [APM] Exclude windows only definitions from non windows dlls (#6270)
• [ASM] IAST events in span's meta_struct (#5803)
• [ASM][ATO] Collect request headers on login user events (failures and success) (#6225)
• [ASM] Update WAF v1.21.0 Ruleset 1.13.3 (#6287)
• [ASM] Restore IAST unit tests (#6294)
• [ASM][ATO] Adapt v3 new login tags and fix signup tags (#6302)
• [ASM] Extend locking to cover _disposed member variable (#6319)
• [ASM] RASP: Command injection vulnerability implementation (#6323)
• [ASM]Fix appsec waf benchmark for real (#6329)
• [ASM] iast: Tainting of DefaultInterpolatedStringHandler (#6340)
• [ASM] Skip integration tests using Microsoft.Data.Sqlite on netcoreapp3.0 (#6342)
• [ASM] Skip DefaultInterpolatedStringHandler flaky tests (#6379)
• [ASM] Fix possible stackoverflow if nested routedictionary (#6382)
• [IAST] fix tainting values stored in the db (#6389)
• [ASM] Fix IAST weak random vulnerability error (#6432)
• [ASM] Update WAF version to 1.22.0 (#6440)
• [ASM] Fix database tests (netcoreapp3.0) (#6442)
• [IAST] Native CallSites Definitions (#6241)
• [IAST] Fix compilation of Samples.Security.AspNetCore2 (#6441)

Continuous Profiler

• [Profiler] Use chrono types instead of integer type (#6288)
• [Profiler] Clean up profiler code (#6291)
• [Profiler] Force waiting for the LibrariesInfoCache service to be fully started (#6338)
• [Shared] Fix bug in logger (#6335)

Debugger

• [Dynamic Instrumentation] DEBUG-2256 Do not create ProbeProcessor when LiveDebugger isn't fully initialized (#6092)
• [Dynamic Instrumentation] DEBUG-3223 Add compression support for SymDB (#6427)

Data Streams Monitoring

• Data Streams Monitoring support in Kinesis (#6428)
• [DSM] Switch from ManualResetEventSlim to AsyncManualResetEvent (#6356)
• [DSM] Switch .NET tracer to injecting both base64 & binary headers (#6448)

Miscellaneous

• [Crashtracking] Zero the stackframe upon creation (#6346)
• [Crashtracker] Fix missing GetThreadDescription symbol (#6357)
• [Crashtracker] Use blazesym API to retrieve buildid (#6347)
• [Crashtracking] Display a nicer error message when the glibc version is too old (#6402)
• [Crashtracking] Improve handling of unhandled exceptions on Windows (#6435)
• Trim whitespace in DBM_PROPAGATION_MODE (#6332)
• Change ICorProfilerMethodEnum to use the COMPtr (#6334)
• Exclude InetMgr.exe from instrumentation (#6355)
• Introduce a SignatureBuilder to build signatures of arbitrary size (#6383)
• Use the signature builder in more places (#6384)
• [APM] Made native definition lists temporary (#6417)

Build / Test

• [Test Package Versions Bump] Updating package versions (#6351)
• [Test Package Versions Bump] Updating package versions (#6372)
• [Test Package Versions Bump] Updating package versions (#6392)
• [Test Package Versions Bump] Updating package versions (#6420)
• [Test Package Versions Bump] Updating package versions (#6437)
• [Test Package Versions Bump] Updating package versions (#6279)
• add the filepath we check for datadog.json to the output of diagnostic tool (#6273)
• Stop hiding build files in github search (#6299)
• Fix typo in smoke test (#6300)
• Fix CMake warnings (#6309)
• Ignore multiple instances of the same version of the tracer (#6310)
• Fix the debug symbol publish step in release process (#6312)
• Enable RuntimeMetricsShutdownSmokeTest only for .NET 9+ (#6316)
• Use agent telemetry proxy instead of the standalone telemetry (#6324)
• Try to fix flake in ManualInstrumentation tests (#6333)
• Fix alpine .NET Core 3.1 telemetry failures (#6339)
• Update dotnet test tests to take memory dump on hang (#6343)
• Bump timeit to 0.3.2 (#6349)
• Try enabling debug in EnumerateAssemblyReferencesTest (#6352)
• Update CODEOWNERS for IAST owned file (#6358)
• Add testing for latest Microsoft.Data.Sqlite (#6369)
• Removing MetaStruct check from TestSessionTimeoutVulnerability (#6395)
• Adding Delay to CheckForSmoke to Prevent Flakes (#6396)
• Dump process and children processes when a test hangups (#6401)
• Removing MetaStruct Check from TestDirectoryListingLeak (#6404)
• Report failures to update GitHub as build errors in Azure Devops (#6407)
• Pin the lang version in the Nuke build project (#6411)
• Fix checking for changes to generated files (#6412)
• Fix name of target creating trimming file + desc (#6422)
• Fix codeql to work on newer version of Ubuntu (#6445)
• Fix the no-op pipeline (#6449)
• Remove PublicApiTests.PublicApiHasNotChanged for Datadog.Trace.dll (#6385)
• Removing Delay in Smoke Test Helper Method (#6403)
• [Profiler] Update tests to save output to xunit.txt files (#6160)
• Add more info when GenerateDumpIfDbgRequested fails (take 3) (#6325)
• Add more info when GenerateDumpIfDbgRequested fails (take 4) (#6344)
• [Profiler] Disable flaky check (#6367)
• [Profiler] Avoid ETW tests flackiness (#6368)
• [Profiler] Fix UBsan Job (#6380)
• [Profiler] Use Vcpkg download and install native dependencies (libdatadog) (#6388)
• [Profiler] Fix static analysis job (#6406)

Changes since 3.6.1

3.6.1

Summary

• [Profiler] Fix a crash scenario on windows
• [CI Visibility] Catch crash when intelligent test runner upload fails
• [ASM IAST]: Fix for NullReferenceException in Stacktrace Walker

Changes

CI Visibility

• [CI Visibility] Catch UploadRepositoryChanges exceptions (#6331)

ASM

• [ASM] iast: Fix for NullReferenceException in Stacktrace Walker (#6326)

Continuous Profiler

• [Profiler] Fix a crash scenario on windows (#6328)

Miscellaneous

• [Crashtracking] Filter the ptrace_create hook (#6337)

Changes since 3.6.0

3.6.0

Summary

• Adds support for .NET 9
• Adds DSM support for AWS SNS
• Add support for baggage propagation
• [CI Visibility] Add support for coverlet.msbuild coverage reporting
• [Dynamic Instrumentation] Collect code origin for exit spans
• [ASM] Fix shutdown bug
• [Continuous Profiler] Fix crash at shutdown

Changes

Tracer

• Baggage part 3/3: add public api to Datadog.Trace.Manual (#6190)
• Baggage part 2/3: propagation (#6158)
• Remove dependency on System.IO.Compression for .NET Framework build (#6192)
• Add default value to StringBuilderCache, and use in more places (#6232)
• Enable baggage propagator by default (#6258)
• Add support for AllowWriteStreamBuffering=false in WebRequest for .NET 9 (#6271)
• Add initial support for .NET 9 (#6265)
• Ensure that we never run any call target instrumentations in partial trust (#6290)

CI Visibility

• [CI Visibility] Add more checks for the object pack files (#6256)
• [CI Visibility] GitInfoProvider refactor (#6259)
• [CI Visibility] Add support for coverlet.msbuild coverage reporting (#6284)
• [CI Visibility] Fix GitCommandParser test (#6289)
• [CI Visibility] Catch some gitinfo exceptions. (#6297)

ASM

• [ASM] Avoid HttpRequestValidationException when reading body or namevalueCollection values (#6185)
• [ASM] Fix issue with waf disposing while it might concurrently be updating (#6250)
• [ASM] Serialize ASM tags and metrics (#6272)
• [ASM] Fix benchmarks AppSecBodyBenchmarks: have a trace context to avoid null reference exceptions (#6274)
• [ASM] IAST: Add web form tests (#6276)
• [ASM] iast: Fix Microsoft.Data.Sqlite database tainting (#6295)
• [IAST] Minor cleanup in IAST aspects (#6293)
• [IAST] Updated CallSite IL Dump (#6240)

Continuous Profiler

• [Profiler] CPU profiler: Check if the stackwalk lock was not already taken (#6198)
• [Profiler] Prevent StackSamplerLoop from crashing at shutdown (#6238)
• [Profiler] Add metrics for cpu and walltime profilers (#6267)
• [Profiler] Fix crash at shutdown with the timer_create-based CPU profiler (#6268)

Debugger

• [Dynamic Instrumentation] DEBUG-2916 Stabilize the probe processor (#6077)
• [Dynamic Instrumentation] DEBUG-3088 Add object pool (#6105)
• [Dynamic Instrumentation] DEBUG-2913 Fix runtime reflection exceptions when getting field value (#6078)
• [Dynamic Instrumentation] DEBUG-2602 Collection expressions fixes (#6087)
• [Dynamic Instrumentation] DEBUG-3076 Code origin for exit spans (#6216)
• [Dynamic Instrumentation] DEBUG-3110 Fix how we access span in probe processor (#6242)

Miscellaneous

• Add DSM support for AWS SNS (#6253)
• Downgrade error to warning (#6263)
• Improve docs for building on mac (APMSP-1425) (#6254)
• baggage propagator clean up (#6266)
• Add additional exclusions for dependency collection (#6282)

Build / Test

• [IAST] Macos compilation warning fix (#6255)
• [refacto] Unify SNS and SQS instrumentation code (#6199)
• Add additional exclusions to for obsolete libraries (#6231)
• Fix typo in create_draft_release.yml (#6246)
• [Test Package Versions Bump] Updating package versions (#6249)
• Make snapshot tests compatible with running on Docker v2 (#6260)
• Fix R2R build for OSX-ARM64 (#6264)
• Small fixes for .NET 9 (#6277)
• Exclude Paket from exploration tests for now (#6283)
• Fix r2r manual instrumentation issue in .NET 9 x86 (#6286)
• Add more smoke testing for .NET 9 (#6296)

Changes since 3.5.0

3.5.0

Summary

• Add support for Ready2Run and NGen behaviour with manual instrumentation
• Fix for IIS apps using CustomConfigurationBuilder with multiple apps in a pool
• [DBM] Fix DBM bugs (pgssql query plan hints ignored, DbDataSource issues, missing Transaction scope)
• [ASM] Only run RASP file operations on read operations
• Fix Remote Configuration values should be 64-bit not 32-bit

Changes

Tracer

• Make DD_TRACE_<INTEGRATION>_ENABLED Case Insensitive (#6175)
• Baggage part 1/3: change propagator signatures (#6157)

CI Visibility

• [CI Visibility] Fix errors detected from error tracking. (#6222)

ASM

• [ASM] remote configuration refactoring and simplifying updates (#6179)
• [ASM] Add rules version to all spans when ASM enabled (#6188)
• [ASM] Fix possible null reference exception in extracting headers (#6211)
• [ASM] Update ruleset to version 1.13.2 (#6218)
• [ASM] Restrict RASP Lfi operations to read operation only (#6221)

Continuous Profiler

• [Profiler] Make LibrariesInfoCache standalone (#6019)
• [Profiler] Make sure we log only once for DebugInfoStore errors (#6187)
• [Profiler] Improve EtwEventsManager cleanup (#6189)
• [Profiler] Fix bugs in the timer_create-based CPU profiler (#6229)

Fixes

• Add workaround for ASP.NET ConfigBuilder issue (#6147)
• Reject method NGEN image if there's a rejit request for that method. (#6184)
• Revert "Load the tracer/profiler after guardrails checks" (#6200)
• [DBM][fix] Do not prepend DBM injected comment when a pg plan hint is present (#6204)
• move all RC int values to long, to mirror RC backend (#6219)
• Fix InvalidOperationException in DBM propagation (#6233)

Build / Test

• [ASM] Fix TestExternalWafHeaders snapshot netcore 2.1 (#6202)
• [Test Package Versions Bump] Updating package versions (#6150)
• Inject startup hook preferentially into static constructor when available (#6154)
• add new integrations system tests scenario (#6177)
• Fix typo in create_draft_release.yml (#6194)
• Fix using the wrong pool for smoke tests (#6196)
• Pin Azure Functions version used in CI to get the integration tests running (#6203)
• [Test Package Versions Bump] Updating package versions (#6206)
• Fix some build warnings in sample apps (#6207)
• Fix IIS LoaderOptimisation tests not testing anything (#6209)
• Update CosmosDb snapshots (#6213)
• Fix flake in Ngen ManualInstrumentationTests (#6214)
• Fixes Clion build on OSX (#6215)
• Run aspnetcore tests in other TFMs (#6217)
• Convert WebRequestTests to snapshot tests (#6223)
• Add smoke test for config builder instrumentation issue (#6224)
• Update version conflict test (#6226)
• [Test Package Versions Bump] Updating package versions (#6230)
• Add more info when GenerateDumpIfDbgRequested fails (take 2) (#6197)
• Add profiling scenario to onboarding tests (#6201)
• [Profiler] Remove non open source third party reference (#6163)
• [Dynamic Instrumentation] Fix line exploration tests (#6089)

Miscellaneous

• [Crashtracking] Collect PDB info (#6176)
• Revert "[Crashtracking] Disable crashtracking on Windows by default" (#6220)
• [ASM] Add event rules version in telemetry (#6208)

Changes since 3.4.1

2.61.0

Summary

Fix Remote Configuration values are 64-bit not 32-bit

Changes

Fixes

• Move all RC int values to long, to mirror RC backend (#6228)

Build / Test

• Pin Azure Functions version used in CI to get the integration tests running (#6227)

Changes since 2.60.0

3.4.1

Summary

• Fix a crash when .NET Framework and .NET Core run in the same process, which can typically happen when using IIS an ".NET CLR Version" is not set to "No Managed Code". May also affect applications running in Azure App Service.

Changes

Fixes

• Revert "Load the tracer/profiler after guardrails checks" (#6200)

Changes since 3.4.0

2.60.0

Summary

• [Tracing] Add ability to disable additional ADO.NET Command Types using DD_TRACE_DISABLED_ADONET_COMMAND_TYPES (#6054)
• [Serverless] Add support for 128-bit trace IDs for Lambda step functions (#6181)

Changes

Tracer

• Add ability to disable additional ADO.NET Command Types (#6054)
• [Tracer] Set _dd.base_service tag whenever a span's service name is different than the default value (DD_SERVICE) (#6122)
• Add support for the "new" dev.azure.com style URLs in SourceLink URL parsing logic (#6178)

Continuous Profiler

• [Profiler] Make sure Watcher thread is started before Sampler thread (#6128)

Serverless

• Extract Upper64 bit trace ID from extension response (#6181)

Build / Test

• Trigger consolidated pipeline on tags(#6053)
• Add SSI denylist and tests (#6182)
• Fix requirements.json test (#6186)

Changes since 2.59.0

3.4.0

Warning

We've identified a bug in version 3.4.0 only that can crash applications that run .NET Framework and .NET Core in the same process, which can typically happen when using IIS. Please ensure you update to 3.4.1.

If you're using .NET Core in IIS, make sure to set ".NET CLR Version" to "No Managed Code" in the application pool settings, as described in the Microsoft documentation.

Summary

• [Tracing] Add ability to disable additional ADO.NET Command Types using DD_TRACE_DISABLED_ADONET_COMMAND_TYPES
• [Tracing] Add support for 3.x.x of log4net
• [CI Visibility] Automatic Test Retries
• [CI Visibility] Add support for session logical names
• [CI Visibility] Add extra tags for vcpu_count and in GitHub Action pull_requests runs
• [ASM] Enable API Security feature by default
• [ASM] Add support for attacker fingerprinting
• [ASM] Add support for suspicious attacker blocking
• [Continuous Profiler] Fix potential deadlock between watcher and sampler threads
• [Continuous Profiler] Improve performance for CPU profiler
• [Serverless] Add EventBridge and 128-bit trace ID support
• [DBM] Ensure context injection does not affect DBM injection

Changes

Tracer

• [Tracer] Set _dd.base_service tag whenever a span's service name is different than the default value (DD_SERVICE) (#5502)
• Add ability to disable additional ADO.NET Command Types (#6042)
• Add support for 3.* of log4net (#6075)
• [APMAPI-473] Making DD_HTTP_*_ERROR_STATUSES Config Keys Consistent (#6095)
• Subscribe to AssemblyLoadContext.Default.Resolving (#6148)
• Fix return value on error in delegate instrumentation (#6153)
• Add support for the "new" dev.azure.com style URLs in SourceLink URL parsing logic (#6159)
• Include pID in managed logs filename (#6161)
• Ensure we don't throw a null reference exception in Manual instrumentation (#6169)

CI Visibility

• [CI Visibility] Test session logical names (#6050)
• [CI Visibility] Add vcpu_count tag to tslv events (#6055)
• [CI Visibility] Automatic Test Retries (#6061)
• [CI Visibility] Avoid failing unfinished tests (#6063)
• [CI Visibility] Add support for MSTest 3.6.0 (#6080)
• [CI Visibility] Hide running command by default. (#6086)
• [CI Visibility] Fix code coverage enabled tag behavior (#6111)
• [CI Visibility] Add extra tags to GitHub Action pull_requests runs (#6141)
• [CI Visibility] Ensure commit messages are trimmed (#6170)

ASM

• [ASM] Segregate asm and iast contexts functionality (#6118)
• [ASM] Delete unused snapshots (#5758)
• [ASM] Attacker fingerprint (#5982)
• [ASM] Fix exception when accessing ReportedExternalWafsRequestHeaders (#6030)
• [ASM] Activate api sec by default (#6043)
• [ASM] Suspicious attacker blocking (#6057)
• [ASM] Fix bug RC empty key (#6058)
• [ASM] Fix one flakiness in rcm asm data integration tests and simplify some asm rcm code (#6119)
• [ASM] Update ruleset to version 1.13.1 and WAF to version 1.20.0 (#6129)
• [ASM] Update fingerprint rules (#6133)
• Refactoring and hardening of security coordinator (#6143)
• [ASM] Send header values as string to the WAF (#6144)
• [ASM] Remove httpcontext from context store at the end of the request (#6151)
• [ASM] Rename snapshots for ASM ownership (#6155)
• [ASM] Send cookie values as single string to the WAF (#6164)
• [ASM] Update WAF version to 1.20.1 (#6174)

Continuous Profiler

• [Profiler] Allow tests for .NET Framework (#5948)
• [Profiler] Bump to libdatadog 13 (#6031)
• Fix dlsym issue (#6048)
• [Profiler] Avoid too many syscall calls for timer-create-based CPU profiler (#6067)
• [Profiler][cleanup] Shorten libdatadog helper functions name (#6069)
• [Profiler] Download profiler debug symbols for integration tests (#6070)
• [Profiler] Add gen2 leak scenario (#6071)
• [Profiler] Bump libdatadog 13.1 (#6112)
• [Profiler] Code cleanup (#6114)
• [Profiler] Make sure Watcher thread is started before Sampler thread (#6134)

Debugger

• [Dynamic Instrumentation] DEBUG-2249 Line and method probes exploration tests (#5914)

Serverless

• Extract Upper64 bit trace ID from extension response (#6041)
• [serverless] trigger consolidated pipeline on tags (#6052)
• [serverless] Create EventBridge Instrumentation and Inject Trace Context (#6096)

Fixes

• Add proper error checking around GetModuleMetadata (#5985)
• [IAST] Avoid lock in method ctor. (#6115)
• Fix subtle WCF bug (#6131)
• Reorganize code around DBM injection to make sure comments get injected even if setting context fails (#6167)

Build / Test

• Run CallTargetNativeTests on Windows (#5754)
• Add SSI denylist and tests (#5928)
• [Test Package Versions Bump] Updating package versions (#5995)
• add aws credentials for system tests (#6040)
• Bump timeit to 0.1.21 (#6059)
• Move IDM up in CODEOWNERS (#6062)
• [TESTING] Fix missing snapshot (#6066)
• [CI] Push native debug symbols to Datadog Symbolication server (#6081)
• Disable debugger exploration tests (#6085)
• Fix GeneratePackageVersions (#6094)
• [Test Package Versions Bump] Updating package versions (#6098)
• Minor build fixes (#6099)
• Remove warning about non-serializable test data (#6102)
• Verify version of glibc targeted in native tracer/profiler (#6104)
• chore: prefix system tests env vars (#6108)
• Add more info when GenerateDumpIfDbgRequested fails (#6113)
• "Fix" timeouts in SSI run (#6117)
• [Test Package Versions Bump] Updating package versions (#6123)
• Remove nuke JSON file (#6126)
• Handle Nuke .NET 9 preview issue (#6130)
• Build against macos-13 as macos-12 is going to be deprecated (#6138)
• Fix crashes on .NET Core 2.1 CI (#6139)
• Fix .sln project ordering (#6156)

Miscellaneous

• Load the tracer/profiler after guardrails checks (#5968)
• [IAST] Change filtered cookie vuln hash (#6032)
• [IAST] Improve RestSharp SSRF detection (#6060)
• Ignore more processes (#6065)
• Add a outer startup hook catch block (#6068)
• [ASM][RCM] Read waf actions per file and remove per file (#6072)
• Add serverless examples (#6076)
• Allow forcing interface duck types to be classes, and update Datadog.Trace.Manual (#6082)
• Add ddprs to DBM injected comment + fix dddbs (#6084)
• [Crashtracking] Implement support for Windows (#6088)
• [IAST] Remove safe origin ranges (#6091)
• [IAST] Fix for VS Edit and Continue (#6097)
• [Crashtracking] Add registry key to installer (#6106)
• [Crashtracking] Remove exception types that are too broad (#6109)
• [IAST] Calculate method full name on demand always (#6127)
• Stop using current_path in the native loader (#6132)
• [Crashtracking] Disable crashtracking on Windows by default (#6152)

Changes since 3.3.1

3.3.1

Summary

• Fixes a bug introduced in 3.3.0 in which attempting to run some commands (e.g. cat) in some distros would give the error symbol lookup error: /opt/datadog/continuousprofiler/Datadog.Linux.ApiWrapper.x64.so: undefined symbol: dlsym

Changes

Continuous Profiler

• Fix dlsym issue (#6048)

Changes since 3.3.0

3.3.0

Warning

We've identified a bug with the .NET Tracer with the Continuous Profiler enabled that may cause applications to crash - please avoid 3.3.0 and instead use 3.2.0 for the time being. We are working on a hotfix for this ASAP.

Summary

• [ASM] Fix some minor bugs (#5943, #5955, #6017)
• [ASM] Improvements to stack trace reporting (#6011, #5997)
• [Dynamic Instrumentation] Add support for typeof expression
• [Continuous Profiler] Add support for heuristic-based activation (#5240, #6002, #6026)
• [DBM] Full propagation mode for SQL Server (#5859)

Changes

ASM

• [ASM] Avoid unhandled HttpRequestValidationExceptions (#5943)
• [ASM] Avoid reporting unknown matcher WAF errors (#5955)
• [ASM] RASP: add telemetry tag for shell injection (#5993)
• [ASM] Add new capabilities for RC (#6008)
• [ASM] Change stack trim proportion (#6011)
• [ASM]Fix InvalidOperationException in httpContext.Items (#6017)
• [ASM] Capabilities reporting against WAF versions. (#6028)
• [IAST] Add Stack trace to vuln location (#5997)
• [IAST] Fix system test weak_cipher system test (#6034)

Continuous Profiler

• [Profiler] Support Single Step Instrumentation deployment and activation (#5240)
• [Profiler] Contention profiling: add blocking thread name (#5981)
• [Profiler] Fix duplicated lifecycle telemetry (#6002)
• [Tool] update continuous profiler diagnostics (#6014)
• [Profiler] Disable timer_create-based CPU profiler when required (#6015)
• [Profiler] Send ssi info with profiles (#6026)

Debugger

• [Dynamic Instrumentation] DEBUG-2323 Add support for typeof expression in EL (#5539)

Build / Test

• [Profiler] Disable SSI telemetry by default (#6020)
• Fix SSI tests for profiler integration tests (#6016)
• [Profiler/CI] Disable Profiler Windows ASAN job (#5987)
• Add explicit permissions to all workflows (#5728)
• [Test Package Versions Bump] Updating package versions (#5873)
• [build] Build tracer with ReadyToRun (#5962)
• Display the crash tests stdout live (#5964)
• Timeit bump and fixes (#5971)
• Add linux-musl-arm64 standalone dd-trace to the v3 release artifacts (#5974)
• [CONTSEC-1501] Comment the action that uploads SARIF to Datadog (#5977)
• Include snapshot diff in snapshot body (#5988)
• Make sure we run all the TFMs on master builds (#5990)
• Minor CI fixes (#6000)
• Fix installer tests (#5994 => main) (#6004)
• Fix the trace pipeline stage (#6007)
• [Build] Update and fix linux debug symbols artifact (#6009)
• Fix bug in version bump task (#6022)
• [CI] Shorten too long snapshot file names (#6024)
• Fix gitlab build (#6025)
• [BUILD] Fix merge conflict (#6033)

Miscellaneous

• DSM Full propagation mode for SQL Server (#5859)
• [Crashtracking] Fix the handling of COMPlus_DbgMiniDumpName (#5980)

Changes since 3.2.0