Fixes
Added a type check to attribute validation, restricting values to primitive types (but not
undefined
).Previously the agent was only enforcing byte limits on string values, resulting in overly large arrays being collected. This brings the agent in line with other language agents.
The
DatastoreShim
will now respect specifiedafter
handlers.Previously on methods like
DatastoreShim#recordQuery
theafter
handler would be dropped. The property is now correctly propagated to the underlyingShim#record
call.The agent will now check that a specified parent segment is part of an active segment before running a method under instrumentation.
Previously the agent would unconditionally run a method under a specified parent. The shim expects the parent to exist and be active, and will throw errors in the case where the parent belongs to an inactive transaction.
New features
Added
newrelic.startSegment()
, which replacesnewrelic.createTracer()
.This new API method allows you to create custom segments using either callbacks or promises.
Bug fixes
Fixed bug in
pre
route config option in Hapi instrumentation.Only applies to Hapi v16 and below. The pre handler wrapping was not properly returning in cases when the element was a string referring to a registered server method, and as a result these elements would be replaced with
undefined
.
New features
Added @newrelic/koa as a dependency.
This introduces instrumentation for Koa v2.0.0 or higher. It will be treated as first-party instrumentation within the agent, but publishing it as a separate module allows it to be installed independently according to users' needs.
Improvements
Refactored instrumentation hooks to work with modules.
With this change it is now possible to link against external instrumentation modules.
Improvements
Promise based web framework middleware instrumentation now supports callback based sequencing.
Previously, a promise based middleware was assumed to continue to the next middleware once the promise it returned resolved. This assumption has been relaxed to allow for a callback to be supplied to the middleware to invoke the next middleware.
Improvements
Removed the
ssl
configuration option.TLS is now always used in communication with New Relic Servers. The
ssl
configuration value andNEW_RELIC_USE_SSL
environment value are no longer used. Setting either value to anything other thantrue
will result in a warning.Security bulletin NR18-05:
Fixes issue introduced in 2.8.0 where the agent may have captured all transaction attributes, even with High-security mode enabled on the account. This may have included sensitive data attached to transactions.
All request parameters now prefixed with
request.parameters.
.Previously request parameters such as route and query parameters were added as attributes without any name changes. For example
/foo?bar=value
would add the attributebar
to the transaction. Now this attribute would be namedrequest.parameters.bar
.Any Insights dashboards, alerts, or other NRQL queries using these attributes must be updated to use the new attribute names.
Adds support for EU Datacenter
Bug fixes
Security bulletin NR18-06:
Fixes issue introduced in 2.8.0 where the agent may have captured all transaction attributes, even with High-security mode enabled on the account. This may have included sensitive data attached to transactions.
Removed support for agent attributes include/exclude rules.
These will be coming back in Node Agent v3.0.0. The fix for the above security bulletin required a backwards incompatible change to our attributes.
Fixed bug in Bluebird instrumentation.
Some methods were not instrumented correctly. This would cause a problem if a function was passed to these methods.
Special thanks to Andreas Lind (@papandreou) for helping us find this bug.
Note
This release is deprecated due to an issue where the agent may capture transaction attributes regardless of agent settings. If you are using this release, upgrade your agent to agent version 2.9.1 or higher. For more information, see Security Bulletin NR18-06.
Improvements
Added the
WebFrameworkShim#savePossibleTransactionName
method.This method may be used to mark the current running middleware as a potential responder.
savePossibleTransactionName
should be used if a middleware can't be determined to be a terminal middleware while it executes, but may be responsible for responding after execution has finished.Fixed
dns.resolve
results assertion.Expanded
async_hooks
tests around maintain transaction context.Added Koa to metric naming objects.
Added
callback
prop tomiddlewareWithPromiseRecorder
return spec.While we aren't actually wrapping any callback, this is a workaround that gives us access to the active segment. This ensures that all segments inside Koa transaction traces are named correctly, particularly in cases when transaction context may be lost.
Updated
after
prop inmiddlewareWithPromiseRecorder
return spec to settxInfo.errorHandled = true
in cases when there is no error.Because Koa has no concept of errorware in the same sense as Express or Connect (
(err, req, res, next)
), the agent now assumes if a middleware resolves, any error that may have occurred can be marked as handled.
Fixes
- Added check for
parentSegment
inasync_hooks
instrumentation, to help ensure that transaction context is maintained.
Note
This release is deprecated due to an issue where the agent may capture transaction attributes regardless of agent settings. If you are using this release, upgrade your agent to agent version 2.9.1 or higher. For more information, see Security Bulletin NR18-06.
New features
Added instrumentation support for MongoDB version 3.
Version 3 of mongodb is now supported. Previously datastore host information (instance metrics) was incorrectly captured by the agent with
mongodb
v3. This has been fixed and all features should be functional now.
Improvements
Updated documentation for
apdex_t
setting and removed environment variable.This was never configurable on client side and the documentation was misleading.
Documented environment variables for
slow_sql
configurations.Thanks to Olivier Tassinari (@oliviertassinari) for the update!
Updated
hapi/hapi-pre-17/package.json
to runerrors.tap.js
in more versions.Added internal cache to unwrapped core modules for agent use.
Improved logging around environment facts gathering.
Bug fixes
Enable certain agent attributes when high-security mode is enabled.
During the switch from the old
capture_params
/ignored_params
to the new attribute include/exclude rules, high-security mode was over-zealous in what attributes it disallowed. This has been trimmed back to be in line with other agents.
Notes
Changed
attributes.enabled
totrue
by default.In the previous version we defaulted this to
false
to maintain parity withcapture_params
which defaulted tofalse
. However, this is a invalid parity becauseattribute.enabled
controls more attributes thancapture_params
.
Improvements
Removed unnecessary checks around
Timer.unref()
calls.unref
has been supported since Node v0.9, meaning it will always be present in timers set by the agent (with 0.10 being the earliest supported version).Added a split in the node versions for the
mysql2
andcassandra
versioned tests.As of
mysql2
v1.3.1 andcassandra
v3.4.0 the minimum supported version of Node is 4.Replaced as many instances of
{}
as possible withObject.create(null)
.Removed extraneous logger arg in
addCustomAttribute
call.
Bug fixes
The agent will no longer generate browser data for ignored transactions.
Expanded Hapi instrumentation to support route
pre
handlers.This is a Hapi route config option that was previously uninstrumented, causing transaction names to become invalid. This expanded instrumentation ensures that all additional handlers are wrapped and associated with the main route.
New features
Added agent attribute filtering via include and exclude rules.
Agent attributes can now be controlled using fine grained include and exclude rules. These rules, described below, replace
capture_params
andignored_params
. Any attributes listed inignored_params
will be migrated toattributes.exclude
internally, unlessattributes.exclude
is explicitly set.There are three new configuration properties added to the root config and each destination (more on destinations later). These new configurations are:
attributes.enabled
- Enables collection of attributes for the destination.attributes.include
- A list of attributes or wildcard rules to include.attributes.exclude
- A list of attributes or wildcard rules to exclude.
The include and exclude rules can be exact rules (for example
request.headers.contentLength
), or wildcard rules which match just the beginning of attribute keys (for examplerequest.headers.*
would match any request header).These rules can be specified globally at the root of the configuration, or for specific destinations. These destinations are:
transaction_tracer
- Controls transaction trace attributes.transaction_events
- Controls transaction event attributes.error_collector
- Controls error event attributes.browser_monitoring
- Controls browser/RUM transaction attributes.
Renamed
addCustomParameter
toaddCustomAttribute
.The
addCustomParameter
method is now deprecated and will be removed in a future release of the agent. TheaddCustomAttribute
method is a drop-in replacement for it.Added cache to agent attribute filtering.
To minimize the overhead of applying attribute rules, the agent caches results of filtering specific attribute keys and destinations. The cache is limited to 1000 destination-key pairs by default but can be configured with
attributes.filter_cache_limit
. This cache offers a 10x improvement for applying filter rules for cache-hits.Added
allow_all_headers
to config options and updatedhttp
instrumentation.When set to
true
, the agent will collect all request headers. This collection respects the agent attribute include and exclude rules. A default set of exclusion rules are provided innewrelic.js
. These rules exclude all cookies and authentication headers.Segments may now be flagged as opaque, causing internal segments to be omitted from the transaction trace.
Improvements
Added limits for agent attributes to keep monitoring overhead down.
Attribute keys and values are limited to 255 bytes each. Keys which are larger than 255 bytes are dropped, and a warning message is logged. Values larger than 255 bytes are truncated to 255 bytes, respecting multi-byte UTF-8 encoding. Custom attributes are limited to 64 per transaction. Attributes beyond the 64th are silently ignored.
Added error to collector connection failure log message.
Renamed
request_uri
attribute torequest.uri
.This brings the attribute name in line with all other request attributes.
Updated
https-proxy-agent
dependency from^0.3.5
to^0.3.6
.Updated versioned tests where applicable to ensure most minor versions of instrumented modules work as expected.
Fixed stalling test for v1 line of Mongo driver.
Added tests verifying Hapi 404 transactions result in correctly named metrics.
The Hapi instrumentation was doing the correct thing, but we did not have tests for this specific case.
Bug fixes
The agent will no longer crash when
crypto.DEFAULT_ENCODING
has been changed.Previously, the agent would assume the result of
hash.digest()
was an instance of a Buffer. Ifcrypto.DEFAULT_ENCODING
is changed,hash.digest()
will return a string and the agent would crash. The agent now ensures that the value is a Buffer instance before moving on.Fixed error if
process.config.variables.node_prefix
missing.If
process.config.variables.node_prefix
is falsey (which can happen if using electron, leading to this issue https://discuss.newrelic.com/t/new-relic-on-electron-nodejs/53601) thegetGlobalPackages
function inlib/environment.js
will give an err when it shouldn't.Thanks to Jarred Filmer (@BrighTide) for the fix!