New features and improvements
- Update to jfr-daemon 1.7.0 - fixes a memory leak condition by cleaning up copies of JFR recordings. Also updated to use version 0.13.1 of the telemetry-sdk 638
- Update HTTP response code attribute names. This will add
http.statusCode
andhttp.statusText
to spans and transactions 513 - Provide support for Datastax/Cassandra WrappedStatments. 525
- Add instrumentation for gRPC 1.40.0+ 518
- Add suppressed exceptions to ThrowableError.stackTrace 405
- Add Scala instrumentation and Scala API for Monix Tasks 543
- Add instrumentation for Mongo async/reactivestreams drivers versions 3.4.x to 4.1.x 609
- Scala Cats Effect 3 - modified the API to support passing the transaction by implicit reference, rather than using ThreadLocal variables 578
- Add Instrumentation for Play WS 2.6.0 under Scala 2.13 594
- Agent optimization: change String.replaceAll in favor of Pattern.compile 592
Fixes
- Upgrade log4j-core version to 2.17.1 to address security vulnerability CVE-2021-44832 625
- Enhancements for Spring WebFlux and Reactor Netty instrumentation to address gaps in instrumentation. Also includes support for upgraded Spring Security configurations 538
- Update Async-Http-Client library version to 2.0.35 to address security vulnerability CVE-2017-14063 577
- Handle null pointer exceptions in hostname lookup 587
- Properly expire tokens used in CompletableFuture instrumentation to reduce memory usage and prevent telemetry reporting delays 634
- Add additional exception handling to catch ConnectionPoolTimeoutException errors, which may lead to an unrecoverable agent state 637
- Resolve Solr FilterCache Memory Leak 613
- Reintroduce MongoDB sync instrumentation (erroneously removed in a prior release while async support was added) 635
- Fix Sql obfuscation so that it applies correctly to queries with certain formatting 632
- Agent configuration
expected_status_codes
is not honored when a transaction exception is encountered 565 - Scala Cats Effect - ensure Http4s transaction tracer is created on request run. This resolves some invalid tracer states that were causing null pointer exceptions 530
- Fix Akka HTTP bindFlow 555
- Address Caffeine cache causing memory leak and OOM condition 593
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Changed log4j version to 2.12.3 to mitigate the security vulnerability CVE-2021-45105. 605
Mitigation for Java 7
- This release is compatible with Java 7.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Upgraded log4j to 2.17.0 to mitigate the security vulnerability CVE-2021-45105. 605
Recommended Java versions
- This fix is recommended if you are running on Java 8 - 17.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Changed log4j version to 2.12.2 to mitigate the security vulnerability CVE-2021-45046. 605
Mitigation for Java 7
- This release is compatible with Java 7.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Upgraded log4j to 2.16.0 to mitigate the security vulnerability CVE-2021-45046. 605
Recommended Java versions
- This fix is recommended if you are running on Java 8 - 17.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Upgraded log4j to 2.15.0 to mitigate the security vulnerability CVE-2021-44228. 605
Recommended Java versions
- This fix is recommended if you are running on Java 8 - 17.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
Fixes
- Upgraded log4j to 2.15.0 to mitigate the security vulnerability CVE-2021-44228. 605
Recommended Java versions
- Log4j 2.15.0, which fixes the security vulnerability CVE-2021-44228, is only compatible with Java 8+. Therefore, this version of the agent is not compatible with Java 7 and is only recommended if you are using Java 8+ and are otherwise unable to upgrade to Java agent 7.4.1.
Mitigation for Java 7
Java agent versions 4.12.0 through 6.5.0 (which support Java 7) use Log4j 2.11.2 which falls into the affected range. For Java 7 users the recommended mitigation from Apache Log4j Security Vulnerabilities is to set the system property -Dlog4j2.formatMsgNoLookups=true
.
Mitigation: In releases >=2.10, this behavior can be mitigated by setting the system property
log4j2.formatMsgNoLookups
. For releases >=2.7 and <=2.14.1, allPatternLayout
patterns can be modified to specify the message converter as%m{nolookups}
instead of just%m
. For releases >=2.0-beta9 and <=2.10.0, the mitigation is to remove theJndiLookup
class from the classpath:
zip -q -d log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
Note: The alternate approach of defining the LOG4J_FORMAT_MSG_NO_LOOKUPS=true
environment variable will not work with the NR Java Agent.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
New features and improvements
Support for Java 17 #433
Distributed tracing is on by default and deprecates cross-application tracing #486
- Increases the default maximum number of samples stored for span events from 1000 to 2000.
- The maximum number of samples stored for span events can be configured via the max_samples_stored configuration in the newrelic.yml.
span_events:max_samples_stored: 2000Importante
This feature causes an increase in the consumption of data. The amount of increase will depend on the application. This feature can be disabled by adding the following to the agent yaml config nested under the common section:
distributed_tracing:enabled: falseAuto-instrumentation support for GraphQL-Java 17.0+ #487
This version tested agent support for the ARM64/Graviton2 platform
Fixes
The existing MongoDB sync client instrumentation was incorrectly applying when MongoDB reactive or async client was being used, which could lead to segment timeouts and long transaction response times. #476
Deprecations and removed features
Cross application tracing is now deprecated, and disabled by default. To continue using it, enable it with cross_application_tracer.enabled = true
and distributed_tracing.enabled = false
.
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
New features and improvements
Support for Java 16
Auto-instrumentation support for java.net.http.HttpClient
Migrate the Agent’s caching library from Guava to Caffeine (Special thanks to community member Stephan Schroevers for this contribution)
- Caffeine provides an in-memory cache using a Google Guava inspired API. The improvements draw on the author’s experience designing Guava's cache and
ConcurrentLinkedHashMap
. - We expect this change to provide improvement in cases where we saw thread contention and deadlocks attributable to the Guava library.
- Caffeine provides an in-memory cache using a Google Guava inspired API. The improvements draw on the author’s experience designing Guava's cache and
Fixes
- Removed support for the anorm-2.0 instrumentation module
- The artifacts that this module instrumented are no longer available.
Support statement
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.
New features and improvements
Scala Library Instrumentation #362 and #363
- STTP versions 2 & 3 Akka-HTTP, HTTP4s and STTP core backends
- Cats-effect v2
- ZIO v1
- HTTP4s client & server v0.21
- Play 2.3-2.8
- Akka-HTTP v10.1 & v10.2
- For more information, see Scala instrumentation.
Scala API support (see PRs above)
- Scala APIs provided for explicit instrumentation of several of above libraries in case auto-instrumentation is not desired
- Cats-effect v2
- ZIO v1
AWS v2 DynamoDB Instrumentation #343
- Synchronous and asynchronous AWS v2 APIs are auto-instrumented similarly to v1 APIs
- For more information, see Add support for AWS SDK 2 DynamoDB sync/async clients
GraphQL 16 Instrumentation #396
- Create meaningful transaction names
- Create meaningful spans
- Reporting GraphQL errors
- For more information, see GraphQL for Java
JFR feature causing excessive overhead when enabled JFR #203
- Refactored code to use less memory.
Fixes
The existing MongoDB instrumentation was partially applying when MongoDB Reactive Streams is being used.
- Disable weaving package when MongoDB 4.x+ reactive driver detected #341
- For more information, see Spring Reactive DB Drivers - MongoDB Support
Support statement:
- New Relic recommends that you upgrade the agent regularly to ensure that you're getting the latest features and performance benefits. Additionally, older releases will no longer be supported when they reach end-of-life.