feat(capablities)!: sleep & spawn capabilities by Aaalibaba42 · Pull Request #1873 · DataDog/libdatadog

Aaalibaba42 · 2026-04-13T17:22:43Z

What does this PR do?

Create the capabilities for Sleep and Spawn.
Change the terminology of Http Capability stuff to be more in line with current work.
Change some things about shared runtime.

Motivation

Before if we were to spawn tasks on wasm, we would have required a current thread tokio runtime blocking JS event loop until the end of the tokio runtime itself. Now in wasm we delegate tasks to the eventloop itself, making the whole thing non blocking, and enabling stuff like sleeping in a JS compatible way.

Additional Notes

/

How to test the change?

DataDog/libdatadog-nodejs#70

github-actions · 2026-04-13T17:23:58Z

📚 Documentation Check Results

⚠️ 4946 documentation warning(s) found

📦 `datadog-sidecar` - 2449 warning(s)

📦 `libdd-capabilities-impl` - 182 warning(s)

📦 `libdd-capabilities` - 14 warning(s)

📦 `libdd-data-pipeline` - 943 warning(s)

📦 `libdd-shared-runtime` - 181 warning(s)

📦 `libdd-trace-stats` - 608 warning(s)

📦 `libdd-trace-utils` - 569 warning(s)

Updated: 2026-04-27 13:14:07 UTC | Commit: 24ea79e | missing-docs job results

github-actions · 2026-04-13T17:25:42Z

🔒 Cargo Deny Results

⚠️ 24 issue(s) found, showing only errors (advisories, bans, sources)

📦 `datadog-sidecar` - 6 error(s)

Show output

error[unmaintained]: Bincode is unmaintained
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:37:1
   │
37 │ bincode 1.3.3 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected
   │
   ├ ID: RUSTSEC-2025-0141
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2025-0141
   ├ Due to a doxxing and harassment incident, the bincode team has taken the decision to cease development permanently.
     
     The team considers version 1.3.3 a complete version of bincode that is not in need of any updates.
     
     ## Alternatives to consider
     
     * [wincode](https://crates.io/crates/wincode)
     * [postcard](https://crates.io/crates/postcard)
     * [bitcode](https://crates.io/crates/bitcode)
     * [rkyv](https://crates.io/crates/rkyv)
   ├ Announcement: https://git.sr.ht/~stygianentity/bincode/tree/v3.0/item/README.md
   ├ Solution: No safe upgrade is available!
   ├ bincode v1.3.3
     ├── datadog-ipc v0.1.0
     │   └── datadog-sidecar v0.0.1
     └── datadog-sidecar v0.0.1 (*)

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:283:1
    │
283 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
    │
    ├ ID: RUSTSEC-2026-0097
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
    ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
      
      - The `log` and `thread_rng` features are enabled
      - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
      - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
      - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
      - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
      
      `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
    ├ Announcement: https://github.com/rust-random/rand/pull/1763
    ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
    ├ rand v0.8.5
      ├── datadog-sidecar v0.0.1
      ├── libdd-common v4.0.0
      │   ├── datadog-ipc v0.1.0
      │   │   └── datadog-sidecar v0.0.1 (*)
      │   ├── datadog-live-debugger v0.0.1
      │   │   ├── datadog-remote-config v0.0.1
      │   │   │   ├── (dev) datadog-remote-config v0.0.1 (*)
      │   │   │   └── (dev) datadog-sidecar v0.0.1 (*)
      │   │   └── datadog-sidecar v0.0.1 (*)
      │   ├── datadog-remote-config v0.0.1 (*)
      │   ├── datadog-sidecar v0.0.1 (*)
      │   ├── libdd-capabilities-impl v1.0.0
      │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   ├── (dev) libdd-data-pipeline v3.0.1
      │   │   │   ├── datadog-live-debugger v0.0.1 (*)
      │   │   │   └── datadog-sidecar v0.0.1 (*)
      │   │   ├── libdd-trace-stats v2.0.0
      │   │   │   ├── datadog-ipc v0.1.0 (*)
      │   │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   │   └── libdd-trace-utils v3.0.1
      │   │       ├── (dev) datadog-sidecar v0.0.1 (*)
      │   │       ├── libdd-data-pipeline v3.0.1 (*)
      │   │       ├── libdd-trace-stats v2.0.0 (*)
      │   │       └── (dev) libdd-trace-utils v3.0.1 (*)
      │   ├── libdd-common-ffi v32.0.0
      │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   └── libdd-crashtracker-ffi v32.0.0
      │   │       └── datadog-sidecar v0.0.1 (*)
      │   ├── (build) libdd-crashtracker v1.0.0
      │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   └── libdd-crashtracker-ffi v32.0.0 (*)
      │   ├── libdd-crashtracker-ffi v32.0.0 (*)
      │   ├── libdd-data-pipeline v3.0.1 (*)
      │   ├── libdd-dogstatsd-client v2.0.0
      │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   ├── libdd-shared-runtime v0.1.0
      │   │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
      │   │   ├── libdd-telemetry v4.0.0
      │   │   │   ├── datadog-sidecar v0.0.1 (*)
      │   │   │   ├── libdd-crashtracker v1.0.0 (*)
      │   │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   │   └── libdd-trace-stats v2.0.0 (*)
      │   ├── libdd-telemetry v4.0.0 (*)
      │   ├── libdd-trace-stats v2.0.0 (*)
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── libdd-crashtracker v1.0.0 (*)
      ├── (dev) libdd-data-pipeline v3.0.1 (*)
      ├── (dev) libdd-trace-normalization v2.0.0
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-trace-stats v2.0.0 (*)
      ├── libdd-trace-utils v3.0.1 (*)
      └── proptest v1.5.0
          └── (dev) libdd-tinybytes v1.1.0
              ├── datadog-ipc v0.1.0 (*)
              ├── datadog-sidecar v0.0.1 (*)
              ├── libdd-data-pipeline v3.0.1 (*)
              ├── (dev) libdd-tinybytes v1.1.0 (*)
              └── libdd-trace-utils v3.0.1 (*)

error[vulnerability]: Name constraints for URI names were incorrectly accepted
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:309:1
    │
309 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0098
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0098
    ├ Name constraints for URI names were ignored and therefore accepted.
      
      Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented.  URI name constraints are now rejected unconditionally.
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-965h-392x-2mh5](https://github.com/rustls/webpki/security/advisories/GHSA-965h-392x-2mh5). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── datadog-ipc v0.1.0
          │       │   └── datadog-sidecar v0.0.1
          │       ├── datadog-live-debugger v0.0.1
          │       │   ├── datadog-remote-config v0.0.1
          │       │   │   ├── (dev) datadog-remote-config v0.0.1 (*)
          │       │   │   └── (dev) datadog-sidecar v0.0.1 (*)
          │       │   └── datadog-sidecar v0.0.1 (*)
          │       ├── datadog-remote-config v0.0.1 (*)
          │       ├── datadog-sidecar v0.0.1 (*)
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   │   ├── datadog-live-debugger v0.0.1 (*)
          │       │   │   └── datadog-sidecar v0.0.1 (*)
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   ├── datadog-ipc v0.1.0 (*)
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── (dev) datadog-sidecar v0.0.1 (*)
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-common-ffi v32.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0
          │       │       └── datadog-sidecar v0.0.1 (*)
          │       ├── (build) libdd-crashtracker v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   ├── libdd-crashtracker v1.0.0 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Name constraints were accepted for certificates asserting a wildcard name
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:309:1
    │
309 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0099
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0099
    ├ Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name.
      
      This was incorrect because, given a name constraint of `accept.example.com`, `*.example.com` could feasibly allow a name of `reject.example.com` which is outside the constraint.
      This is very similar to [CVE-2025-61727](https://go.dev/issue/76442).
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-xgp8-3hg3-c2mh](https://github.com/rustls/webpki/security/advisories/GHSA-xgp8-3hg3-c2mh). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── datadog-ipc v0.1.0
          │       │   └── datadog-sidecar v0.0.1
          │       ├── datadog-live-debugger v0.0.1
          │       │   ├── datadog-remote-config v0.0.1
          │       │   │   ├── (dev) datadog-remote-config v0.0.1 (*)
          │       │   │   └── (dev) datadog-sidecar v0.0.1 (*)
          │       │   └── datadog-sidecar v0.0.1 (*)
          │       ├── datadog-remote-config v0.0.1 (*)
          │       ├── datadog-sidecar v0.0.1 (*)
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   │   ├── datadog-live-debugger v0.0.1 (*)
          │       │   │   └── datadog-sidecar v0.0.1 (*)
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   ├── datadog-ipc v0.1.0 (*)
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── (dev) datadog-sidecar v0.0.1 (*)
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-common-ffi v32.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0
          │       │       └── datadog-sidecar v0.0.1 (*)
          │       ├── (build) libdd-crashtracker v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   ├── libdd-crashtracker v1.0.0 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Reachable panic in certificate revocation list parsing
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:309:1
    │
309 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0104
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0104
    ├ A panic was reachable when parsing certificate revocation lists via [`BorrowedCertRevocationList::from_der`]
      or [`OwnedCertRevocationList::from_der`].  This was the result of mishandling a syntactically valid empty
      `BIT STRING` appearing in the `onlySomeReasons` element of a `IssuingDistributionPoint` CRL extension.
      
      This panic is reachable prior to a CRL's signature being verified.
      
      Applications that do not use CRLs are not affected.
      
      Thank you to @tynus3 for the report.
    ├ Solution: Upgrade to >=0.103.13, <0.104.0-alpha.1 OR >=0.104.0-alpha.7 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── datadog-ipc v0.1.0
          │       │   └── datadog-sidecar v0.0.1
          │       ├── datadog-live-debugger v0.0.1
          │       │   ├── datadog-remote-config v0.0.1
          │       │   │   ├── (dev) datadog-remote-config v0.0.1 (*)
          │       │   │   └── (dev) datadog-sidecar v0.0.1 (*)
          │       │   └── datadog-sidecar v0.0.1 (*)
          │       ├── datadog-remote-config v0.0.1 (*)
          │       ├── datadog-sidecar v0.0.1 (*)
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   │   ├── datadog-live-debugger v0.0.1 (*)
          │       │   │   └── datadog-sidecar v0.0.1 (*)
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   ├── datadog-ipc v0.1.0 (*)
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── (dev) datadog-sidecar v0.0.1 (*)
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-common-ffi v32.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0
          │       │       └── datadog-sidecar v0.0.1 (*)
          │       ├── (build) libdd-crashtracker v1.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-crashtracker-ffi v32.0.0 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   ├── datadog-sidecar v0.0.1 (*)
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   ├── datadog-sidecar v0.0.1 (*)
          │       │   │   ├── libdd-crashtracker v1.0.0 (*)
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Denial of Service via Stack Exhaustion
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:364:1
    │
364 │ time 0.3.41 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0009
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
    ├ ## Impact
      
      When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of
      service attack via stack exhaustion is possible. The attack relies on formally deprecated and
      rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,
      non-malicious input will never encounter this scenario.
      
      ## Patches
      
      A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned
      rather than exhausting the stack.
      
      ## Workarounds
      
      Limiting the length of user input is the simplest way to avoid stack exhaustion, as the amount of
      the stack consumed would be at most a factor of the length of the input.
    ├ Announcement: https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05
    ├ Solution: Upgrade to >=0.3.47 (try `cargo update -p time`)
    ├ time v0.3.41
      ├── datadog-remote-config v0.0.1
      │   ├── (dev) datadog-remote-config v0.0.1 (*)
      │   └── (dev) datadog-sidecar v0.0.1
      └── tracing-appender v0.2.3
          └── libdd-log v1.0.0
              └── (dev) libdd-data-pipeline v3.0.1
                  ├── datadog-live-debugger v0.0.1
                  │   ├── datadog-remote-config v0.0.1 (*)
                  │   └── datadog-sidecar v0.0.1 (*)
                  └── datadog-sidecar v0.0.1 (*)

advisories FAILED, bans ok, sources ok

📦 `libdd-capabilities-impl` - 4 error(s)

Show output

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:64:1
   │
64 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
   │
   ├ ID: RUSTSEC-2026-0097
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
   ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
     
     - The `log` and `thread_rng` features are enabled
     - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
     - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
     - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
     - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
     
     `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
   ├ Announcement: https://github.com/rust-random/rand/pull/1763
   ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
   ├ rand v0.8.5
     └── (dev) libdd-common v4.0.0
         └── libdd-capabilities-impl v1.0.0

error[vulnerability]: Name constraints for URI names were incorrectly accepted
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:75:1
   │
75 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
   │
   ├ ID: RUSTSEC-2026-0098
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0098
   ├ Name constraints for URI names were ignored and therefore accepted.
     
     Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented.  URI name constraints are now rejected unconditionally.
     
     Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
     
     This vulnerability is identified as [GHSA-965h-392x-2mh5](https://github.com/rustls/webpki/security/advisories/GHSA-965h-392x-2mh5). Thank you to @1seal for the report.
   ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
   ├ rustls-webpki v0.103.10
     └── rustls v0.23.37
         ├── hyper-rustls v0.27.7
         │   └── libdd-common v4.0.0
         │       └── libdd-capabilities-impl v1.0.0
         ├── libdd-common v4.0.0 (*)
         └── tokio-rustls v0.26.0
             ├── hyper-rustls v0.27.7 (*)
             └── libdd-common v4.0.0 (*)

error[vulnerability]: Name constraints were accepted for certificates asserting a wildcard name
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:75:1
   │
75 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
   │
   ├ ID: RUSTSEC-2026-0099
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0099
   ├ Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name.
     
     This was incorrect because, given a name constraint of `accept.example.com`, `*.example.com` could feasibly allow a name of `reject.example.com` which is outside the constraint.
     This is very similar to [CVE-2025-61727](https://go.dev/issue/76442).
     
     Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
     
     This vulnerability is identified as [GHSA-xgp8-3hg3-c2mh](https://github.com/rustls/webpki/security/advisories/GHSA-xgp8-3hg3-c2mh). Thank you to @1seal for the report.
   ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
   ├ rustls-webpki v0.103.10
     └── rustls v0.23.37
         ├── hyper-rustls v0.27.7
         │   └── libdd-common v4.0.0
         │       └── libdd-capabilities-impl v1.0.0
         ├── libdd-common v4.0.0 (*)
         └── tokio-rustls v0.26.0
             ├── hyper-rustls v0.27.7 (*)
             └── libdd-common v4.0.0 (*)

error[vulnerability]: Reachable panic in certificate revocation list parsing
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:75:1
   │
75 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
   │
   ├ ID: RUSTSEC-2026-0104
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0104
   ├ A panic was reachable when parsing certificate revocation lists via [`BorrowedCertRevocationList::from_der`]
     or [`OwnedCertRevocationList::from_der`].  This was the result of mishandling a syntactically valid empty
     `BIT STRING` appearing in the `onlySomeReasons` element of a `IssuingDistributionPoint` CRL extension.
     
     This panic is reachable prior to a CRL's signature being verified.
     
     Applications that do not use CRLs are not affected.
     
     Thank you to @tynus3 for the report.
   ├ Solution: Upgrade to >=0.103.13, <0.104.0-alpha.1 OR >=0.104.0-alpha.7 (try `cargo update -p rustls-webpki`)
   ├ rustls-webpki v0.103.10
     └── rustls v0.23.37
         ├── hyper-rustls v0.27.7
         │   └── libdd-common v4.0.0
         │       └── libdd-capabilities-impl v1.0.0
         ├── libdd-common v4.0.0 (*)
         └── tokio-rustls v0.26.0
             ├── hyper-rustls v0.27.7 (*)
             └── libdd-common v4.0.0 (*)

advisories FAILED, bans ok, sources ok

📦 `libdd-capabilities` - ✅ No issues

📦 `libdd-data-pipeline` - 5 error(s)

Show output

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:208:1
    │
208 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
    │
    ├ ID: RUSTSEC-2026-0097
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
    ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
      
      - The `log` and `thread_rng` features are enabled
      - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
      - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
      - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
      - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
      
      `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
    ├ Announcement: https://github.com/rust-random/rand/pull/1763
    ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
    ├ rand v0.8.5
      ├── libdd-common v4.0.0
      │   ├── libdd-capabilities-impl v1.0.0
      │   │   ├── (dev) libdd-data-pipeline v3.0.1
      │   │   ├── libdd-trace-stats v2.0.0
      │   │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   │   └── libdd-trace-utils v3.0.1
      │   │       ├── libdd-data-pipeline v3.0.1 (*)
      │   │       ├── libdd-trace-stats v2.0.0 (*)
      │   │       └── (dev) libdd-trace-utils v3.0.1 (*)
      │   ├── libdd-data-pipeline v3.0.1 (*)
      │   ├── libdd-dogstatsd-client v2.0.0
      │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   ├── libdd-shared-runtime v0.1.0
      │   │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
      │   │   ├── libdd-telemetry v4.0.0
      │   │   │   └── libdd-data-pipeline v3.0.1 (*)
      │   │   └── libdd-trace-stats v2.0.0 (*)
      │   ├── libdd-telemetry v4.0.0 (*)
      │   ├── libdd-trace-stats v2.0.0 (*)
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-data-pipeline v3.0.1 (*)
      ├── (dev) libdd-trace-normalization v2.0.0
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-trace-stats v2.0.0 (*)
      ├── libdd-trace-utils v3.0.1 (*)
      └── proptest v1.5.0
          └── (dev) libdd-tinybytes v1.1.0
              ├── libdd-data-pipeline v3.0.1 (*)
              ├── (dev) libdd-tinybytes v1.1.0 (*)
              └── libdd-trace-utils v3.0.1 (*)

error[vulnerability]: Name constraints for URI names were incorrectly accepted
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:230:1
    │
230 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0098
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0098
    ├ Name constraints for URI names were ignored and therefore accepted.
      
      Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented.  URI name constraints are now rejected unconditionally.
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-965h-392x-2mh5](https://github.com/rustls/webpki/security/advisories/GHSA-965h-392x-2mh5). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Name constraints were accepted for certificates asserting a wildcard name
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:230:1
    │
230 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0099
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0099
    ├ Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name.
      
      This was incorrect because, given a name constraint of `accept.example.com`, `*.example.com` could feasibly allow a name of `reject.example.com` which is outside the constraint.
      This is very similar to [CVE-2025-61727](https://go.dev/issue/76442).
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-xgp8-3hg3-c2mh](https://github.com/rustls/webpki/security/advisories/GHSA-xgp8-3hg3-c2mh). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Reachable panic in certificate revocation list parsing
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:230:1
    │
230 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0104
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0104
    ├ A panic was reachable when parsing certificate revocation lists via [`BorrowedCertRevocationList::from_der`]
      or [`OwnedCertRevocationList::from_der`].  This was the result of mishandling a syntactically valid empty
      `BIT STRING` appearing in the `onlySomeReasons` element of a `IssuingDistributionPoint` CRL extension.
      
      This panic is reachable prior to a CRL's signature being verified.
      
      Applications that do not use CRLs are not affected.
      
      Thank you to @tynus3 for the report.
    ├ Solution: Upgrade to >=0.103.13, <0.104.0-alpha.1 OR >=0.104.0-alpha.7 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-data-pipeline v3.0.1 (*)
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-dogstatsd-client v2.0.0
          │       │   └── libdd-data-pipeline v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   ├── (dev) libdd-data-pipeline v3.0.1 (*)
          │       │   ├── libdd-telemetry v4.0.0
          │       │   │   └── libdd-data-pipeline v3.0.1 (*)
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-telemetry v4.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Denial of Service via Stack Exhaustion
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:270:1
    │
270 │ time 0.3.41 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0009
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
    ├ ## Impact
      
      When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of
      service attack via stack exhaustion is possible. The attack relies on formally deprecated and
      rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,
      non-malicious input will never encounter this scenario.
      
      ## Patches
      
      A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned
      rather than exhausting the stack.
      
      ## Workarounds
      
      Limiting the length of user input is the simplest way to avoid stack exhaustion, as the amount of
      the stack consumed would be at most a factor of the length of the input.
    ├ Announcement: https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05
    ├ Solution: Upgrade to >=0.3.47 (try `cargo update -p time`)
    ├ time v0.3.41
      └── tracing-appender v0.2.3
          └── libdd-log v1.0.0
              └── (dev) libdd-data-pipeline v3.0.1

advisories FAILED, bans ok, sources ok

📦 `libdd-shared-runtime` - 1 error(s)

Show output

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
   ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:61:1
   │
61 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
   │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
   │
   ├ ID: RUSTSEC-2026-0097
   ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
   ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
     
     - The `log` and `thread_rng` features are enabled
     - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
     - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
     - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
     - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
     
     `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
   ├ Announcement: https://github.com/rust-random/rand/pull/1763
   ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
   ├ rand v0.8.5
     └── (dev) libdd-common v4.0.0
         └── libdd-shared-runtime v0.1.0

advisories FAILED, bans ok, sources ok

📦 `libdd-trace-stats` - 4 error(s)

Show output

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:183:1
    │
183 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
    │
    ├ ID: RUSTSEC-2026-0097
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
    ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
      
      - The `log` and `thread_rng` features are enabled
      - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
      - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
      - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
      - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
      
      `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
    ├ Announcement: https://github.com/rust-random/rand/pull/1763
    ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
    ├ rand v0.8.5
      ├── (dev) libdd-common v4.0.0
      │   ├── libdd-capabilities-impl v1.0.0
      │   │   ├── libdd-trace-stats v2.0.0
      │   │   └── libdd-trace-utils v3.0.1
      │   │       ├── libdd-trace-stats v2.0.0 (*)
      │   │       └── (dev) libdd-trace-utils v3.0.1 (*)
      │   ├── libdd-shared-runtime v0.1.0
      │   │   └── libdd-trace-stats v2.0.0 (*)
      │   ├── libdd-trace-stats v2.0.0 (*)
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-trace-normalization v2.0.0
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-trace-stats v2.0.0 (*)
      ├── libdd-trace-utils v3.0.1 (*)
      └── proptest v1.5.0
          └── (dev) libdd-tinybytes v1.1.0
              ├── (dev) libdd-tinybytes v1.1.0 (*)
              └── libdd-trace-utils v3.0.1 (*)

error[vulnerability]: Name constraints for URI names were incorrectly accepted
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:205:1
    │
205 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0098
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0098
    ├ Name constraints for URI names were ignored and therefore accepted.
      
      Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented.  URI name constraints are now rejected unconditionally.
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-965h-392x-2mh5](https://github.com/rustls/webpki/security/advisories/GHSA-965h-392x-2mh5). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Name constraints were accepted for certificates asserting a wildcard name
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:205:1
    │
205 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0099
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0099
    ├ Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name.
      
      This was incorrect because, given a name constraint of `accept.example.com`, `*.example.com` could feasibly allow a name of `reject.example.com` which is outside the constraint.
      This is very similar to [CVE-2025-61727](https://go.dev/issue/76442).
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-xgp8-3hg3-c2mh](https://github.com/rustls/webpki/security/advisories/GHSA-xgp8-3hg3-c2mh). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Reachable panic in certificate revocation list parsing
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:205:1
    │
205 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0104
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0104
    ├ A panic was reachable when parsing certificate revocation lists via [`BorrowedCertRevocationList::from_der`]
      or [`OwnedCertRevocationList::from_der`].  This was the result of mishandling a syntactically valid empty
      `BIT STRING` appearing in the `onlySomeReasons` element of a `IssuingDistributionPoint` CRL extension.
      
      This panic is reachable prior to a CRL's signature being verified.
      
      Applications that do not use CRLs are not affected.
      
      Thank you to @tynus3 for the report.
    ├ Solution: Upgrade to >=0.103.13, <0.104.0-alpha.1 OR >=0.104.0-alpha.7 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   ├── libdd-trace-stats v2.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       ├── libdd-trace-stats v2.0.0 (*)
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       ├── libdd-shared-runtime v0.1.0
          │       │   └── libdd-trace-stats v2.0.0 (*)
          │       ├── libdd-trace-stats v2.0.0 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

advisories FAILED, bans ok, sources ok

📦 `libdd-trace-utils` - 4 error(s)

Show output

error[unsound]: Rand is unsound with a custom logger using `rand::rng()`
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:177:1
    │
177 │ rand 0.8.5 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unsound advisory detected
    │
    ├ ID: RUSTSEC-2026-0097
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0097
    ├ It has been reported (by @lopopolo) that the `rand` library is [unsound](https://rust-lang.github.io/unsafe-code-guidelines/glossary.html#soundness-of-code--of-a-library) (i.e. that safe code using the public API can cause Undefined Behaviour) when all the following conditions are met:
      
      - The `log` and `thread_rng` features are enabled
      - A [custom logger](https://docs.rs/log/latest/log/#implementing-a-logger) is defined
      - The custom logger accesses `rand::rng()` (previously `rand::thread_rng()`) and calls any `TryRng` (previously `RngCore`) methods on `ThreadRng`
      - The `ThreadRng` (attempts to) reseed while called from the custom logger (this happens every 64 kB of generated data)
      - Trace-level logging is enabled or warn-level logging is enabled and the random source (the `getrandom` crate) is unable to provide a new seed
      
      `TryRng` (previously `RngCore`) methods for `ThreadRng` use `unsafe` code to cast `*mut BlockRng<ReseedingCore>` to `&mut BlockRng<ReseedingCore>`. When all the above conditions are met this results in an aliased mutable reference, violating the Stacked Borrows rules. Miri is able to detect this violation in sample code. Since construction of [aliased mutable references is Undefined Behaviour](https://doc.rust-lang.org/stable/nomicon/references.html), the behaviour of optimized builds is hard to predict.
    ├ Announcement: https://github.com/rust-random/rand/pull/1763
    ├ Solution: Upgrade to >=0.10.1 OR <0.10.0, >=0.9.3 OR <0.9.0, >=0.8.6 (try `cargo update -p rand`)
    ├ rand v0.8.5
      ├── (dev) libdd-common v4.0.0
      │   ├── libdd-capabilities-impl v1.0.0
      │   │   └── libdd-trace-utils v3.0.1
      │   │       └── (dev) libdd-trace-utils v3.0.1 (*)
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── (dev) libdd-trace-normalization v2.0.0
      │   └── libdd-trace-utils v3.0.1 (*)
      ├── libdd-trace-utils v3.0.1 (*)
      └── proptest v1.5.0
          └── (dev) libdd-tinybytes v1.1.0
              ├── (dev) libdd-tinybytes v1.1.0 (*)
              └── libdd-trace-utils v3.0.1 (*)

error[vulnerability]: Name constraints for URI names were incorrectly accepted
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:199:1
    │
199 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0098
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0098
    ├ Name constraints for URI names were ignored and therefore accepted.
      
      Note this library does not provide an API for asserting URI names, and URI name constraints are otherwise not implemented.  URI name constraints are now rejected unconditionally.
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-965h-392x-2mh5](https://github.com/rustls/webpki/security/advisories/GHSA-965h-392x-2mh5). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Name constraints were accepted for certificates asserting a wildcard name
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:199:1
    │
199 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0099
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0099
    ├ Permitted subtree name constraints for DNS names were accepted for certificates asserting a wildcard name.
      
      This was incorrect because, given a name constraint of `accept.example.com`, `*.example.com` could feasibly allow a name of `reject.example.com` which is outside the constraint.
      This is very similar to [CVE-2025-61727](https://go.dev/issue/76442).
      
      Since name constraints are restrictions on otherwise properly-issued certificates, this bug is reachable only after signature verification and requires misissuance to exploit.
      
      This vulnerability is identified as [GHSA-xgp8-3hg3-c2mh](https://github.com/rustls/webpki/security/advisories/GHSA-xgp8-3hg3-c2mh). Thank you to @1seal for the report.
    ├ Solution: Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

error[vulnerability]: Reachable panic in certificate revocation list parsing
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:199:1
    │
199 │ rustls-webpki 0.103.10 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0104
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0104
    ├ A panic was reachable when parsing certificate revocation lists via [`BorrowedCertRevocationList::from_der`]
      or [`OwnedCertRevocationList::from_der`].  This was the result of mishandling a syntactically valid empty
      `BIT STRING` appearing in the `onlySomeReasons` element of a `IssuingDistributionPoint` CRL extension.
      
      This panic is reachable prior to a CRL's signature being verified.
      
      Applications that do not use CRLs are not affected.
      
      Thank you to @tynus3 for the report.
    ├ Solution: Upgrade to >=0.103.13, <0.104.0-alpha.1 OR >=0.104.0-alpha.7 (try `cargo update -p rustls-webpki`)
    ├ rustls-webpki v0.103.10
      └── rustls v0.23.37
          ├── hyper-rustls v0.27.7
          │   └── libdd-common v4.0.0
          │       ├── libdd-capabilities-impl v1.0.0
          │       │   └── libdd-trace-utils v3.0.1
          │       │       └── (dev) libdd-trace-utils v3.0.1 (*)
          │       └── libdd-trace-utils v3.0.1 (*)
          ├── libdd-common v4.0.0 (*)
          └── tokio-rustls v0.26.0
              ├── hyper-rustls v0.27.7 (*)
              └── libdd-common v4.0.0 (*)

advisories FAILED, bans ok, sources ok

Updated: 2026-04-27 13:15:11 UTC | Commit: 24ea79e | dependency-check job results

github-actions · 2026-04-13T17:25:43Z

Clippy Allow Annotation Report

Comparing clippy allow annotations between branches:

Base Branch: origin/main
PR Branch: origin/jwiriath/runtime-capability

Summary by Rule

Rule	Base Branch	PR Branch	Change
unwrap_used	16	16	No change (0%)
Total	16	16	No change (0%)

Annotation Counts by File

File	Base Branch	PR Branch	Change
`datadog-sidecar/src/service/agent_info.rs`	4	4	No change (0%)
`datadog-sidecar/src/service/stats_flusher.rs`	1	1	No change (0%)
`datadog-sidecar/src/service/tracing/trace_flusher.rs`	1	1	No change (0%)
`libdd-data-pipeline/src/telemetry/mod.rs`	1	1	No change (0%)
`libdd-data-pipeline/src/trace_buffer/mod.rs`	1	1	No change (0%)
`libdd-data-pipeline/src/trace_exporter/mod.rs`	2	2	No change (0%)
`libdd-trace-stats/src/stats_exporter.rs`	1	1	No change (0%)
`libdd-trace-utils/src/send_data/mod.rs`	5	5	No change (0%)

Annotation Stats by Crate

Crate	Base Branch	PR Branch	Change
`clippy-annotation-reporter`	5	5	No change (0%)
`datadog-ffe-ffi`	1	1	No change (0%)
`datadog-ipc`	21	21	No change (0%)
`datadog-live-debugger`	6	6	No change (0%)
`datadog-live-debugger-ffi`	10	10	No change (0%)
`datadog-profiling-replayer`	4	4	No change (0%)
`datadog-remote-config`	3	3	No change (0%)
`datadog-sidecar`	56	56	No change (0%)
`libdd-common`	10	10	No change (0%)
`libdd-common-ffi`	12	12	No change (0%)
`libdd-data-pipeline`	5	5	No change (0%)
`libdd-ddsketch`	2	2	No change (0%)
`libdd-dogstatsd-client`	1	1	No change (0%)
`libdd-profiling`	13	13	No change (0%)
`libdd-telemetry`	19	19	No change (0%)
`libdd-tinybytes`	4	4	No change (0%)
`libdd-trace-normalization`	2	2	No change (0%)
`libdd-trace-obfuscation`	8	8	No change (0%)
`libdd-trace-stats`	1	1	No change (0%)
`libdd-trace-utils`	15	15	No change (0%)
Total	198	198	No change (0%)

About This Report

This report tracks Clippy allow annotations for specific rules, showing how they've changed in this PR. Decreasing the number of these annotations generally improves code quality.

codecov-commenter · 2026-04-13T17:35:46Z

Codecov Report

❌ Patch coverage is 90.00000% with 52 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.77%. Comparing base (6b610e9) to head (1e64b86).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1873      +/-   ##
==========================================
- Coverage   71.78%   71.77%   -0.01%     
==========================================
  Files         434      437       +3     
  Lines       69951    70138     +187     
==========================================
+ Hits        50211    50344     +133     
- Misses      19740    19794      +54

Components	Coverage Δ
libdd-crashtracker	`65.99% <ø> (-0.02%)`	⬇️
libdd-crashtracker-ffi	`34.47% <ø> (ø)`
libdd-alloc	`98.77% <ø> (ø)`
libdd-data-pipeline	`85.78% <90.05%> (-0.09%)`	⬇️
libdd-data-pipeline-ffi	`70.81% <ø> (-1.13%)`	⬇️
libdd-common	`79.41% <ø> (ø)`
libdd-common-ffi	`73.87% <ø> (ø)`
libdd-telemetry	`68.09% <ø> (+0.02%)`	⬆️
libdd-telemetry-ffi	`19.37% <ø> (ø)`
libdd-dogstatsd-client	`82.64% <ø> (ø)`
datadog-ipc	`76.31% <ø> (ø)`
libdd-profiling	`81.61% <ø> (ø)`
libdd-profiling-ffi	`64.36% <ø> (ø)`
datadog-sidecar	`29.16% <100.00%> (-0.24%)`	⬇️
datdog-sidecar-ffi	`7.53% <ø> (-0.94%)`	⬇️
spawn-worker	`54.69% <ø> (ø)`
libdd-tinybytes	`93.16% <ø> (ø)`
libdd-trace-normalization	`81.71% <ø> (ø)`
libdd-trace-obfuscation	`87.26% <ø> (ø)`
libdd-trace-protobuf	`68.25% <ø> (ø)`
libdd-trace-utils	`89.31% <91.04%> (+0.04%)`	⬆️
datadog-tracer-flare	`86.88% <ø> (ø)`
libdd-log	`74.69% <ø> (ø)`

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

datadog-prod-us1-4 · 2026-04-13T17:36:16Z

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

🎯 Code Coverage (details)
• Patch Coverage: 90.00%
• Overall Coverage: 71.78% (-0.01%)

_{This comment will be updated automatically if new data arrives.

🔗 Commit SHA: 1e64b86 | Docs | Datadog PR Page | Give us feedback!}

dd-octo-sts · 2026-04-13T17:56:08Z

Artifact Size Benchmark Report

aarch64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.so	7.63 MB	7.63 MB	0% (0 B) 👌
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.a	83.31 MB	83.34 MB	+.03% (+31.30 KB) 🔍

aarch64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.a	99.42 MB	99.44 MB	+.02% (+24.44 KB) 🔍
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.10 MB	10.17 MB	+.64% (+67.12 KB) 🔍

libdatadog-x64-windows

Artifact	Baseline	Commit	Change
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.dll	25.19 MB	25.20 MB	+.04% (+12.00 KB) 🔍
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.lib	79.90 KB	79.90 KB	0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.pdb	184.48 MB	184.83 MB	+.19% (+368.00 KB) 🔍
/libdatadog-x64-windows/debug/static/datadog_profiling_ffi.lib	918.37 MB	924.35 MB	+.65% (+5.98 MB) 🔍
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.dll	7.89 MB	7.90 MB	+.03% (+2.50 KB) 🔍
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.lib	79.90 KB	79.90 KB	0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.pdb	23.67 MB	23.68 MB	+.03% (+8.00 KB) 🔍
/libdatadog-x64-windows/release/static/datadog_profiling_ffi.lib	46.19 MB	46.21 MB	+.04% (+23.32 KB) 🔍

libdatadog-x86-windows

Artifact	Baseline	Commit	Change
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.dll	21.67 MB	21.68 MB	+.05% (+11.50 KB) 🔍
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.lib	81.14 KB	81.14 KB	0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.pdb	188.58 MB	188.97 MB	+.20% (+400.00 KB) 🔍
/libdatadog-x86-windows/debug/static/datadog_profiling_ffi.lib	904.02 MB	909.99 MB	+.66% (+5.97 MB) 🔍
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.dll	6.13 MB	6.13 MB	+.04% (+3.00 KB) 🔍
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.lib	81.14 KB	81.14 KB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.pdb	25.35 MB	25.37 MB	+.06% (+16.00 KB) 🔍
/libdatadog-x86-windows/release/static/datadog_profiling_ffi.lib	43.67 MB	43.70 MB	+.05% (+26.41 KB) 🔍

x86_64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.a	74.27 MB	74.29 MB	+.03% (+24.22 KB) 🔍
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.so	8.55 MB	8.55 MB	0% (0 B) 👌

x86_64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.a	91.78 MB	91.80 MB	+.02% (+19.50 KB) 🔍
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.20 MB	10.20 MB	+.06% (+6.34 KB) 🔍

bantonsson · 2026-04-16T12:32:45Z

-                } else {
-                    // The task has been aborted and the worker can't be retrieved.
-                    *self = PausableWorker::InvalidState;
-                    Err(PausableWorkerError::TaskAborted)


Why has the error handIng been removed? Won't the new code panic?

Tokio's JoinHandle implements Future<Output = Result<T, JoinError>>, now I use Box<dyn Future<Output = T>> instead for our WorkerJoinHandle<T>, so we can't directly use the same pattern.

I could make it so our JoinHandle type also is a Result but futures::remote_handle() yields a T and panics on drop-cancel, so this way everything has the same API.

Looking at solutions a little, I guess I can do something along the lines of std::panic::AssertUnwindSafe(handle).catch_unwind().await to get back a result here, but I'm not sure it's better.

I could make it so our JoinHandle type also is a Result

I think this is the way to go we want to avoid panics and this also allows us to follow through with other workers shutdown rather than panicking and dropping data on all workers.

bantonsson · 2026-04-16T12:49:34Z

+            stats = StatsComputationStatus::DisabledByAgent { bucket_size };
+        }
+
+        #[cfg(all(not(target_arch = "wasm32"), feature = "telemetry"))]


Can't this #[cfg...] mess be separated out in some way? This is barely readable.

I'm not sure how without making spaghetti, do you have something in mind ?

One possibility would be to accept that the two implementations are too different and make two separate versions of build. If there's really code duplication maybe some part can be moved into separate helpers?

(or dually move the platform-dependents bit into bespoke functions?)

VianneyRuhlmann · 2026-04-15T13:25:00Z

+        match Pin::new(&mut self.get_mut().0).poll(cx) {
+            Poll::Ready(Ok(val)) => Poll::Ready(val),
+            // JoinError means the task panicked or was aborted. Both unrecoverable.
+            Poll::Ready(Err(e)) => panic!("spawned task failed: {e}"),


I think tokio's JoinHandle return a JoinError instead of panicking which is probably better to be able to recover in some cases

I agree. We're just wrapping JoinHandle which returns a result, so there's no obvious reason to depart from this behavior and introduce panics instead.

VianneyRuhlmann · 2026-04-20T16:13:05Z

+    {
+        RuntimeJoinHandle(ctx.spawn(future))
+    }
+}


Should this be replaced by NativeSpawnCapability

I don't think it should:

NativeSpawnCapability lives in libdd-capabilities-impl, which is a leaf crate, libdd-shared-runtime (a core crate) can't depend on it without inverting the layering

libdd-capabilities-impl doesn't compile on wasm32, and this module needs to (the non-fork parts are wasm-compatible)

We could make the fork methods generic and have the FFI caller pass a spawner in, but it adds API surface for no real benefit, the internal RuntimeSpawner is a 5-line ZST that avoids the dependency while keeping the fork hooks simple

I might be missing something, but when you say:

NativeSpawnCapability lives in libdd-capabilities-impl, which is a leaf crate, libdd-shared-runtime (a core crate) can't depend on it without inverting the layering

Why should shared_runtime depend on it once we move everything to libdd-capabilities-impl? I think (but I'm not sure) @VianneyRuhlmann's question is, or at least the one I have as well, is why this code has to be in shared_runtime at all. It naively looks like it's entirely capability and native-specific, so should live in libdd-capabilities-impl. Do you need some private symbols from here?

The fork methods are impl SharedRuntime and access private fields. They can't move to libdd-capabilities-impl without making those fields public. RuntimeSpawner is only consumed by these methods, so it's co-located with them. Moving just the spawner out wouldn't buy anything since the methods that use it must stay here regardless

yannham

I have mixed feelings about the complexity and boilerplate added. Part of it is inherent to the capability approach. So the elephant in the room: is it acted and 100% decided that we want to go the WASM route and that we should support that? It has an impact of the whole of libdatadog, and it seems for now that the route for dd-trace-js is not entirely decided yet. It's obviously not one person's decision, but I wonder if we should move forward and merge things if this is not fully committed yet; since it's far-reaching, it might be harder to revert than just a git revert, as people will quickly build on it.

Another point is the shared runtime. My understanding was that the whole promise of capabilities (vs a more classical platform-specific swappable module implementation as we do for linux vs windows for example) was to push all of the WASM and node-specific concerns out of libdatadog. However the impression when looking at the shared runtime's changes is that it's full of WASM-specific concerns, which feels like we got the drawbacks of both approaches (complexity + wasm-specific code in libdatadogand cfg gates). Some functions are available on WASM, some others are not. I'm not sure yet what's the conclusion, but I think the interface of the shared runtime should be reworked if we want it to work with capabilities. Maybe the conclusion is that the whole shared runtime should be a capability, since it's offering an API that has fundamentally different implementation on WASM and native (and it seems impossible to delegate that to existing capabilities). Or maybe the answer is that we need to move some of the shared runtime into new capability.ies for async, but can still keep some code in libdd-shared-runtime. In any case, the current situation feels a bit wrong.

yannham · 2026-04-22T08:43:52Z

+pub use http::NativeHttpClient;
+use libdd_capabilities::http::HttpError;
+pub use libdd_capabilities::HttpClientCapability;
+use libdd_capabilities::MaybeSend;
+pub use libdd_capabilities::SleepCapability;
+pub use libdd_capabilities::SpawnCapability;
+pub use sleep::NativeSleepCapability;
+pub use spawn::{NativeJoinHandle, NativeSpawnCapability};


Nitpick: those could be compacted a bit (pub use libdd_capabilities::{A, B, C, D})

I would have expected that to be handled by cargo fmt, I'll check if it's something we can enable

The codebase doesn't have any standard on that front from what I can tell, whether you put crate or module on the rustfmt.toml, there are dozens of files that change.

yannham · 2026-04-22T08:45:45Z

-            Self {
-                http: DefaultHttpClient::new_client(),
-            }
+impl NativeCapabilities {


I wonder if bundling all capabilities together has a cost. For example, does it mean we need to instantiate an http client even if all we want to do is to sleep?

If a function just needs to sleep, it should not use the bundle, because the NativeHttp trait is not a ZST. Ideally everything should be a ZST, but even in this case, it's not that big a deal since using the bundle is a convenience option and not an obligation, if you just sleep, the function's bound should just be SleepCapability and it should just be passed the corresponding ZST.

I think there would be a way to have the HttpCapability a ZST, but that would be out-of-scope here

yannham · 2026-04-22T08:47:18Z

+}
+
+impl SleepCapability for NativeCapabilities {
+    fn sleep(&self, duration: Duration) -> impl Future<Output = ()> + MaybeSend {


any reason to not make this an async function instead of the explicit impl Future ? Is it for the MaybeSend bound?

Yes it is for the MaybeSend bound. But given we are in NativeCapabilities I guess MaybeSend will always be Send, and so we could make it explicit async. Do you think it would be better ?

yannham · 2026-04-22T08:48:52Z

+/// `T` instead of `Result<T, JoinError>`.
+///
+/// A `JoinError` means the spawned task panicked or was aborted. Workers use
+/// `CancellationToken` for graceful shutdown, so `JoinError` indicates a bug.


It's really a detail, but I think they don't use cancellation tokens any more with the new shared runtime?

yannham · 2026-04-22T08:51:22Z

+    type Output = T;
+
+    fn poll(self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<T> {
+        // JoinHandle<T>: Unpin, so Pin::new is safe.


Nit: the safety comment feels a bit unnecessary. There's no unsafe code here, so it wouldn't actually compile if the precondition was false.

Suggested change

// JoinHandle<T>: Unpin, so Pin::new is safe.

yannham · 2026-04-22T09:20:30Z

+        match Pin::new(&mut self.get_mut().0).poll(cx) {
+            Poll::Ready(Ok(val)) => Poll::Ready(val),
+            // JoinError means the task panicked or was aborted. Both unrecoverable.
+            Poll::Ready(Err(e)) => panic!("spawned task failed: {e}"),


I agree. We're just wrapping JoinHandle which returns a result, so there's no obvious reason to depart from this behavior and introduce panics instead.

yannham · 2026-04-22T09:21:38Z

+///
+/// The runtime handle is passed at spawn time via [`SpawnCapability::RuntimeContext`],
+/// not stored, so the spawner is always using the current (potentially rebuilt) runtime.
+#[cfg(not(target_arch = "wasm32"))]


Instead of all those cfg gates, could we move everything spawner-related to a submodule and gate the submodule once and for all instead? as we do with xxx::linux for example elsewhere in libdatadog.

yannham · 2026-04-22T09:26:09Z

+    {
+        RuntimeJoinHandle(ctx.spawn(future))
+    }
+}


I might be missing something, but when you say:

NativeSpawnCapability lives in libdd-capabilities-impl, which is a leaf crate, libdd-shared-runtime (a core crate) can't depend on it without inverting the layering

Why should shared_runtime depend on it once we move everything to libdd-capabilities-impl? I think (but I'm not sure) @VianneyRuhlmann's question is, or at least the one I have as well, is why this code has to be in shared_runtime at all. It naively looks like it's entirely capability and native-specific, so should live in libdd-capabilities-impl. Do you need some private symbols from here?

yannham · 2026-04-22T09:36:45Z

+        spawner: &S,
+    ) -> Result<WorkerHandle, SharedRuntimeError> {
+        let boxed_worker: BoxedWorker = Box::new(worker);
+        debug!(?boxed_worker, "Spawning worker on SharedRuntime");


Is this a left-over ? (might not be, just asking)

I did not add this ? I don't know

yannham · 2026-04-22T09:37:35Z

-                    Err(PausableWorkerError::TaskAborted)
-                }
+                let mut worker = handle.await;
+                debug!(?worker, "Worker paused successfully");


Same, is this supposed to stay?

VianneyRuhlmann · 2026-04-22T11:21:27Z

        assert!(agent_info::get_agent_info().is_none());
        let shared_runtime = SharedRuntime::new().unwrap();
-        shared_runtime.spawn_worker(fetcher, true).unwrap();
+        let spawner = NativeCapabilities::new();


Can we remove the spawner and pass capabilities at shared_runtime init?

Storing the spawner in SharedRuntime would make it generic (SharedRuntime<S>) or require type erasing a non object-safe trait. It's also not straightforward because the fork recovery paths use their own internal RuntimeSpawner, not the caller-provided one. In practice, production callers already have capabilities in scope so passing it to spawn_worker isn't a burden imho

VianneyRuhlmann · 2026-04-22T11:50:51Z

+impl<T: Worker + MaybeSend + Sync + 'static> std::fmt::Debug for PausableWorker<T> {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        match self {
+            Self::Running { .. } => f.debug_struct("PausableWorker::Running").finish(),
+            Self::Paused { worker } => f
+                .debug_struct("PausableWorker::Paused")
+                .field("worker", worker)
+                .finish(),
+            Self::InvalidState => write!(f, "PausableWorker::InvalidState"),
+        }
+    }
+}


Why do you need this ?

I went from the JoinHandle of tokio to ours, and so we can't derive debug automatically, and WorkerEntry needs debug.

VianneyRuhlmann · 2026-04-22T11:53:14Z

+            PausableWorker::Paused { .. } => {
+                debug!(?self, "Starting pausable worker");


Try to avoid (or train your ai to avoid) this kind of unrelated changes which clutter the PR. (If it's actually related disregard)

VianneyRuhlmann · 2026-04-22T12:39:46Z

    /// Pause the worker and wait for it to complete, storing its state for restart.
    ///
    /// # Errors
-    /// Fails if the worker handle has been aborted preventing the worker from being retrieved.


No need to update

VianneyRuhlmann · 2026-04-22T12:42:43Z

+#[cfg(not(target_arch = "wasm32"))]
+pub type SpawnRuntimeContext = tokio::runtime::Handle;
+
+/// See the non-wasm variant for documentation.
+#[cfg(target_arch = "wasm32")]
+pub type SpawnRuntimeContext = ();


Can't you reuse the NativeSpawnCapability associated type ?

VianneyRuhlmann · 2026-04-22T13:39:38Z

    meta: StatsMetadata,
    sequence_id: AtomicU64,
-    client: H,
+    capabilities: Cap,


ultra nit: Since we're going to pass the capabilities in a lot of functions it would be nice to have a "standardized" way of passing it e.g. "always the first param" to make it easier to recognize.

VianneyRuhlmann · 2026-04-22T13:46:19Z

            get_test_metadata(),
            Endpoint::from_url(stats_url_from_agent_url(&server.url("/")).unwrap()),
-            NativeCapabilities::new_client(),
+            caps.clone(),


Maybe implementing Copy on NativeCapabilities would make it more ergonomic (since it's zero sized anyway)

VianneyRuhlmann · 2026-04-22T14:55:50Z

            backoff_type: RetryBackoffType::Constant,
            jitter: None,
        };
+        let sleeper = NativeSleepCapability;


nit: I think it's better to always call it cap or capabilities than to use a different name depending on the capabilities available

fix: ZST spawner fix: docs and fixes fix(shared_runtime): implicit debug impl chore: format feat: change the Output to Result feat: mod native cfg gated for better readability chore: revert to main's version of thing

github-actions Bot added mini-agent sidecar common data-pipeline labels Apr 13, 2026

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from 0f2d27f to 628bd2c Compare April 14, 2026 11:25

Aaalibaba42 changed the title ~~feat(capablities): sleep & spawn capabilities~~ feat(capablities)!: sleep & spawn capabilities Apr 14, 2026

Aaalibaba42 marked this pull request as ready for review April 14, 2026 13:22

Aaalibaba42 requested review from a team as code owners April 14, 2026 13:22

Aaalibaba42 requested review from mhlidd and removed request for a team April 14, 2026 13:22

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from 628bd2c to 4145e42 Compare April 15, 2026 08:47

bantonsson reviewed Apr 16, 2026

View reviewed changes

Comment thread libdd-trace-stats/src/stats_exporter.rs Outdated

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch 2 times, most recently from 166e5c7 to f4b19a7 Compare April 16, 2026 15:53

Aaalibaba42 requested a review from a team as a code owner April 20, 2026 09:49

Aaalibaba42 requested review from vpellan and removed request for a team April 20, 2026 09:49

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from 59f8c03 to f4b19a7 Compare April 20, 2026 09:50

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from f4b19a7 to be149e6 Compare April 20, 2026 09:50

Aaalibaba42 requested a review from bantonsson April 20, 2026 13:35

VianneyRuhlmann reviewed Apr 20, 2026

View reviewed changes

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from be149e6 to 2bc0664 Compare April 21, 2026 13:38

github-actions Bot removed the common label Apr 21, 2026

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch 2 times, most recently from ce7a92b to 29583cd Compare April 21, 2026 14:24

yannham reviewed Apr 22, 2026

View reviewed changes

VianneyRuhlmann reviewed Apr 22, 2026

View reviewed changes

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from c6789b6 to e8146c9 Compare April 27, 2026 12:13

feat(capablities): sleep & spawn capabilities

1e64b86

fix: ZST spawner fix: docs and fixes fix(shared_runtime): implicit debug impl chore: format feat: change the Output to Result feat: mod native cfg gated for better readability chore: revert to main's version of thing

Aaalibaba42 force-pushed the jwiriath/runtime-capability branch from e8146c9 to 1e64b86 Compare April 27, 2026 13:11

		PausableWorker::Paused { .. } => {
		debug!(?self, "Starting pausable worker");

Conversation

Aaalibaba42 commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What does this PR do?

Motivation

Additional Notes

How to test the change?

Uh oh!

github-actions Bot commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

📚 Documentation Check Results

📦 datadog-sidecar - 2449 warning(s)

📦 libdd-capabilities-impl - 182 warning(s)

📦 libdd-capabilities - 14 warning(s)

📦 libdd-data-pipeline - 943 warning(s)

📦 libdd-shared-runtime - 181 warning(s)

📦 libdd-trace-stats - 608 warning(s)

📦 libdd-trace-utils - 569 warning(s)

Uh oh!

github-actions Bot commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🔒 Cargo Deny Results

📦 datadog-sidecar - 6 error(s)

📦 libdd-capabilities-impl - 4 error(s)

📦 libdd-capabilities - ✅ No issues

📦 libdd-data-pipeline - 5 error(s)

📦 libdd-shared-runtime - 1 error(s)

📦 libdd-trace-stats - 4 error(s)

📦 libdd-trace-utils - 4 error(s)

Uh oh!

github-actions Bot commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Clippy Allow Annotation Report

Summary by Rule

Annotation Counts by File

Annotation Stats by Crate

About This Report

Uh oh!

codecov-commenter commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Codecov Report

Uh oh!

datadog-prod-us1-4 Bot commented Apr 13, 2026 • edited by datadog-prod-us1-3 Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

dd-octo-sts Bot commented Apr 13, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Artifact Size Benchmark Report

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Aaalibaba42 Apr 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Choose a reason for hiding this comment

Uh oh!

Aaalibaba42 commented Apr 13, 2026 •

edited

Loading

github-actions Bot commented Apr 13, 2026 •

edited

Loading

📦 `datadog-sidecar` - 2449 warning(s)

📦 `libdd-capabilities-impl` - 182 warning(s)

📦 `libdd-capabilities` - 14 warning(s)

📦 `libdd-data-pipeline` - 943 warning(s)

📦 `libdd-shared-runtime` - 181 warning(s)

📦 `libdd-trace-stats` - 608 warning(s)

📦 `libdd-trace-utils` - 569 warning(s)

github-actions Bot commented Apr 13, 2026 •

edited

Loading

📦 `datadog-sidecar` - 6 error(s)

📦 `libdd-capabilities-impl` - 4 error(s)

📦 `libdd-capabilities` - ✅ No issues

📦 `libdd-data-pipeline` - 5 error(s)

📦 `libdd-shared-runtime` - 1 error(s)

📦 `libdd-trace-stats` - 4 error(s)

📦 `libdd-trace-utils` - 4 error(s)

github-actions Bot commented Apr 13, 2026 •

edited

Loading

codecov-commenter commented Apr 13, 2026 •

edited

Loading

datadog-prod-us1-4 Bot commented Apr 13, 2026 •

edited by datadog-prod-us1-3 Bot

Loading

dd-octo-sts Bot commented Apr 13, 2026 •

edited

Loading

Aaalibaba42 Apr 16, 2026 •

edited

Loading

yannham left a comment •

edited

Loading

Aaalibaba42 Apr 23, 2026 •

edited

Loading