Fixes
Fixed named-pipe check for lambda invocations to avoid race-condition.
Named-pipe existence will now be checked just prior to first write and then cached.
Improvements
- Updated README with community-plus header.
- Updated README config copy example.
- Added Open Source Policy workflow.
- Removed repository CoC in favor of centralized CoC at org root.
New Features
- Added ability for the agent to write to a named pipe, instead of stdout, when in serverless mode.
Fixes
Security fix: Resolves an issue where transaction traces will still capture the request URI when the Node.js agent is configured to exclude the 'request.uri' attribute. This can be problematic for certain customers in environments where sensitive information is included in the URI. See security bulletin NR20-02.
The request URI will now be excluded from transaction traces if the 'request.uri' attribute has been set to be excluded at either the top-level 'attributes.exclude' configuration or at the 'transaction_tracer.attributes.exclude' configuration.
Improvements
- Updated guidelines and templates for contributing to the project.
- Updated
SECURITY.md
with coordinated disclosure program link. - Upgrade
async
tov3.2.0
. Special thanks to Yohan Siguret (@Crow-EH) for the contribution. - Bumped
@newrelic/native-metrics
to^5.3.0
. - Bumped
@newrelic/aws-sdk
to^2.0.0
. - Bumped
node-test-utilities
to^4.0.0
. - Bumped
@newrelic/superagent
to^3.0.0
. - Bumps
@newrelic/koa
to^4.0.0
.
Fixes
- Fixes obfuscation of SQL queries with large data inserts. Special thanks to Tomáš Hanáček (@tomashanacek) for tracking down the issue and providing the fix.
- On failed instrumentation, prevent multiple requires from re-wrapping shims. Special thanks to Ryan Copley (@RyanCopley) for the contribution.
New Features
- Updated to Apache 2.0 license
- Added CODE_OF_CONDUCT.md file
- Streamlined README.md file
- Updated CONTRIBUTING.md file
- Added additional guidance to bug report template
- Added copyright headers to all source files
Improvements
- Added Distributed Tracing option to config file used for first time customers
- Converted some test files to Node-tap
- Removed "hidden" and unused code injector diagnostic capability
- Upgraded @grpc/grpc-js from 1.0.4 to 1.0.5
New Features
- Additional Transaction Information applied to Span Events
- When Distributed Tracing and/or Infinite Tracing are enabled, the Agent will now incorporate additional information from the Transaction Event on to the currently available Span Event of the transaction.
- The following items are affected:
aws-lambda
related attributeserror.message
error.class
error.expected
http.statusCode
http.statusText
message.*
parent.type
parent.app
parent.account
parent.transportType
parent.transportDuration
- Request Parameters
request.parameters.*
request.header.*
request.method
request.uri
- The following items are affected:
- Custom Attributes
- Custom transaction attributes added via
API.addCustomAttribute
orAPI.addCustomAttributes
will now be propagated to the currently active span, if available.
- Custom transaction attributes added via
- Security Recommendation:
- Review your Transaction Event attributes configuration. Any attribute include or exclude setting specific to Transaction Events should be applied to your Span Attributes configuration or global attributes configuration. Please see Node.js agent attributes for more on how to configure.
- When Distributed Tracing and/or Infinite Tracing are enabled, the Agent will now incorporate additional information from the Transaction Event on to the currently available Span Event of the transaction.
Improvements
- Upgraded @grpc/grpc-js from 1.0.3 to 1.0.4
- Modified redis callback-less versioned test to use
commandQueueLength
as indicator redis command has completed and test can continue. This is in effort to further reduce these test flickers. Additionally, added wait for client 'ready' before moving on to tests. - Updated force secret test runs to run on branch pushes to the main repository.
New Features
Added AWS API Gateway V2 support to Lambda instrumentation.
Added 'transaction.name' intrinsic to active span at time transaction name is finalized.
This enables finding transaction name for traces that may not have a matching transaction event.
Added 'error.expected' attribute to span active at time expected error was noticed.
Improvements
Dropped errors earlier during collection when error collection is disabled.
Error attributes will no longer show up on spans when error collection has been disabled. Other unnecessary work will also be avoided.
Removed allocation of logging-only objects used by transaction naming when those log levels are disabled.
Upgraded escodegen from 1.12.0 to 1.14.1.
Upgraded readable-stream from 3.4.0 to 3.6.0.
Upgraded @grpc/proto-loader from 0.5.3 to 0.5.4.
Converted facts unit test to use tap API.
Converted transaction 'finalizeName...' unit tests to use tap API.
Added several items to .npmignore to prevent accidental publishing.
Fixed Redis client w/o callback versioned test flicker.
Doesn't end transaction until error encountered. Increases wait time for first operation which has to complete for the second operation to be successful.
New Features
Bumped @newrelic/native-metrics to ^5.1.0.
Upgraded nan to ^2.14.1 to resolve 'GetContents' deprecation warning with Node 14. This version of the native metrics module is tested against Node 14 and includes a pre-built binary download backup for Node 14.
Improvements
Added whitespace trimming of license key configuration values.
Previously, when a license key was entered with leading or trailing whitespace, it would be used as-is and result in a validation failure. This most commonly occurred with environment variable based configuration.
Moved to GitHub actions for CI.
Updated PR template and added initial issue templates.
Converted most of the collector API unit tests to use the tap API. Split larger test groupings into their own test files.
Fixes
- Added synthetics headers to transaction event intrinsics for Distributed Tracing
- Fixed stale comment documentation with regards to segment recording
New Features
Added a configurable-length span queue to Infinite Tracing: infinite_tracing.span_events.queue_size.
The queue length can be modified to balance the needs of keeping full traces against trade-off of memory usage and CPU overhead in a high-throughput application.
Improvements
- Updated remaining /api unit tests to use tap API.
- Updated @grpc/grpc-js to v1.0.3.
Fixes
Fixed issue where API.instrumentLoadedModule could throw an exception when it failed.
Error details will now be caught and logged.
Resolved non-proxy minimist security warnings by bumping dependencies.
These updates only impact development dependencies. Thank you to @devfreddy for the contribution.
- Updated minimist sub-deps to resolve most related security warnings.
- Updated tap to resolve remaining tap security warnings.
- Updated @newrelic/proxy.