Bump gopkg.in/DataDog/dd-trace-go.v1 from 1.32.0 to 1.36.2

[dependabot]

Bumps gopkg.in/DataDog/dd-trace-go.v1 from 1.32.0 to 1.36.2.

Release notes

Sourced from gopkg.in/DataDog/dd-trace-go.v1's releases.

v1.36.2

This release contains a small patch that disables service propagation in the Tracer.

ddtrace/tracer: disable Datadog internal tag propagation (#1182)

To view the changes check out the list of commits

v1.36.0

This version comes with the Application Security (AppSec) public beta which includes a broader security coverage of HTTP servers, now also extended to gRPC servers. It is powered by new security rules that allow monitoring the OWASP Top 10 attack attempts, such as SQL injections, Log4Shell and Server-Side Request Forgeries.

It also includes many APM tracing improvements, along with a fix for a regression introduced in v1.35.0.

Features

AppSec

• contrib/go-chi: integrate AppSec monitoring of http requests and responses (#1130)
• contrib/google.golang.org/grpc: monitor received RPC messages (#1105)
• internal/appsec: monitor HTTP response status codes (#1096)
• internal/appsec: enhanced monitoring of HTTP cookies (#1108)
• internal/appsec: monitor URL parameters of HTTP requests (#1106)
• internal/appsec: log http response headers into request spans on security events (#1107)
• internal/appsec: rate-limit AppSec traces to 100 per second (#1131)

APM Tracer

• contrib/gocql/gocql: support Scanner and Batch (#1117) (Thanks @​jack-at-circle)
• contrib/go-chi option to ignore requests. (#1124) (Thanks @​Anvay-Rajhansa)
• contrib/net/http: use ignoreRequest in WrapHandler (#1049)
• contrib/labstack/{echo, echo.v4}: add support for noDebugStack (#1097)
• contrib/google.golang.org/grpc: Fallback to GlobalConfig serviceName if missing (#1027) (Thanks @​vasyharan)
• contrib/net/http: Add TraceAndServe and TraceConfig from contrib/internal/httputil (#1063) (Thanks @​soh335)
• ddtrace/tracer: Use DD_AGENT_HOST to set trace agent hostname before querying the trace-agent for its features (#1126) (Thanks @​carflo)
• ddtrace/tracer: fix tracer.StartSpanFromContext race condition on opts arg (#1127)
• ddtrace/tracer: propagate _dd.p.upstream_services tags (#1082)

Profiler

• profiler: log configuration at profiling start (#1114)

Fixes

• ddtrace/tracer: only drop P0s when client-side stats are enabled (#1139)

To view all changes check out the list of commits and the 1.36.0 milestone.

v1.35.0

Features

• profiler: Code Hotspots and Endpoint Filtering (#966)

... (truncated)

Commits

• b7ebf70 version: bump to v1.36.2
• fb10734 ddtrace/tracer: disable Datadog internal tag propagation (#1182)
• 5b6e61b internal/traceprof/traceproftest: fix flaxy endpoints/hotspots test (#1145)
• dcf8af1 contrib/google.golang.org/grpc: benchmark for unary interceptor (#1133)
• 56992a1 contrib/go-chi: fix closure mistake (#1146)
• f00313c ddtrace/tracer: only drop P0s when client-side stats are enabled (#1139)
• f77f880 internal/appsec: rate-limit appsec traces to 100 per second (#1131)
• e52ef96 ddtrace/tracer: propagate _dd.p.upstream_services tags (#1082)
• 10f0512 .circleci/config.yml: set the waf timeout to a large value (#1143)
• a9f9352 contrib/go-chi/chi: add appsec monitoring (#1130)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)