chore(release): proposal for libdd-common

[dd-octo-sts]

Release proposal for libdd-common and its dependencies

This PR contains version bumps based on public API changes and commits since last release.

libdd-common

Next version: 4.0.0
Semver bump: major
Tag: libdd-common-v4.0.0

Commits

• feat(runtime)!: add shared runtime (feat(runtime)!: add shared runtime #1602)
• fix(crypto): use ring for non-fips builds (fix(crypto): use ring for non-fips builds #1816)
• fix(ci): skip thread counting test (fix(ci): skip thread counting test #1841)
• chore(ci): mock now function for rate limiter in tests to make them deterministic (chore(ci): mock now function for rate limiter in tests to make them deterministic #1842)
• fix(entity_id): Handle Podman cgroupns=host cgroup path (fix(entity_id): Handle Podman cgroupns=host cgroup path #1828)
• feat(capabilities)!: trait architecture http (feat(capabilities)!: trait architecture http #1555)
• feat!: implement HTTP common component (feat!: implement HTTP common component #1624)
• fix(common): don't use reqwest http proxies (fix(common): don't use reqwest http proxies #1810)
• test(miri): skip reqwest test that takes 10mn (test(miri): skip reqwest test that takes 10mn #1784)

[github-actions]

📚 Documentation Check Results

⚠️ 5011 documentation warning(s) found

📦 libdd-capabilities - 9 warning(s)

📦 libdd-capabilities-impl - 174 warning(s)

📦 libdd-common - 174 warning(s)

📦 libdd-crashtracker - 1074 warning(s)

📦 libdd-data-pipeline - 877 warning(s)

📦 libdd-dogstatsd-client - 174 warning(s)

📦 libdd-http-client - ✅ No warnings

📦 libdd-profiling - 655 warning(s)

📦 libdd-shared-runtime - 177 warning(s)

📦 libdd-telemetry - 489 warning(s)

📦 libdd-trace-obfuscation - 647 warning(s)

📦 libdd-trace-utils - 561 warning(s)

---

Updated: 2026-04-10 14:30:57 UTC | Commit: 303f6f7 | missing-docs job results

[github-actions]

🔒 Cargo Deny Results

⚠️ 2 issue(s) found, showing only errors (advisories, bans, sources)

📦 libdd-capabilities - ✅ No issues

📦 libdd-capabilities-impl - ✅ No issues

📦 libdd-common - ✅ No issues

📦 libdd-crashtracker - 1 error(s)

Show output

error[unmaintained]: paste - no longer maintained
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:128:1
    │
128 │ paste 1.0.15 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected
    │
    ├ ID: RUSTSEC-2024-0436
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0436
    ├ The creator of the crate `paste` has stated in the [`README.md`](https://github.com/dtolnay/paste/blob/master/README.md) 
      that this project is not longer maintained as well as archived the repository
      
      ## Possible Alternative(s)
      
      - [`pastey`]: a fork of paste and is aimed to be a drop-in replacement with additional features for paste crate
      - [`with_builtin_macros`]: crate providing a [superset of `paste`'s functionality including general `macro_rules!` eager expansions](https://docs.rs/with_builtin_macros/0.1.0/with_builtin_macros/macro.with_eager_expansions.html)  and `concat!`/`concat_idents!` macros
      
      [`pastey`]: https://crates.io/crates/pastey
      [`with_builtin_macros`]: https://crates.io/crates/with_builtin_macros
    ├ Announcement: https://github.com/dtolnay/paste
    ├ Solution: No safe upgrade is available!
    ├ paste v1.0.15
      └── libdd-libunwind-sys v0.1.0
          └── libdd-crashtracker v1.0.0

advisories FAILED, bans ok, sources ok

📦 libdd-data-pipeline - 1 error(s)

Show output

error[vulnerability]: Denial of Service via Stack Exhaustion
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:270:1
    │
270 │ time 0.3.41 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0009
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
    ├ ## Impact
      
      When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of
      service attack via stack exhaustion is possible. The attack relies on formally deprecated and
      rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,
      non-malicious input will never encounter this scenario.
      
      ## Patches
      
      A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned
      rather than exhausting the stack.
      
      ## Workarounds
      
      Limiting the length of user input is the simplest way to avoid stack exhaustion, as the amount of
      the stack consumed would be at most a factor of the length of the input.
    ├ Announcement: https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05
    ├ Solution: Upgrade to >=0.3.47 (try `cargo update -p time`)
    ├ time v0.3.41
      └── tracing-appender v0.2.3
          └── libdd-log v1.0.0
              └── (dev) libdd-data-pipeline v3.0.1

advisories FAILED, bans ok, sources ok

📦 libdd-dogstatsd-client - ✅ No issues

📦 libdd-http-client - ✅ No issues

📦 libdd-profiling - ✅ No issues

📦 libdd-shared-runtime - ✅ No issues

📦 libdd-telemetry - ✅ No issues

📦 libdd-trace-obfuscation - ✅ No issues

📦 libdd-trace-utils - ✅ No issues

---

Updated: 2026-04-10 14:31:39 UTC | Commit: 303f6f7 | dependency-check job results

[github-actions]

🔒 Cargo Deny Results

⚠️ 2 issue(s) found, showing only errors (advisories, bans, sources)

📦 libdd-capabilities - ✅ No issues

📦 libdd-capabilities-impl - ✅ No issues

📦 libdd-common - ✅ No issues

📦 libdd-crashtracker - 1 error(s)

Show output

error[unmaintained]: paste - no longer maintained
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:128:1
    │
128 │ paste 1.0.15 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ unmaintained advisory detected
    │
    ├ ID: RUSTSEC-2024-0436
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2024-0436
    ├ The creator of the crate `paste` has stated in the [`README.md`](https://github.com/dtolnay/paste/blob/master/README.md) 
      that this project is not longer maintained as well as archived the repository
      
      ## Possible Alternative(s)
      
      - [`pastey`]: a fork of paste and is aimed to be a drop-in replacement with additional features for paste crate
      - [`with_builtin_macros`]: crate providing a [superset of `paste`'s functionality including general `macro_rules!` eager expansions](https://docs.rs/with_builtin_macros/0.1.0/with_builtin_macros/macro.with_eager_expansions.html)  and `concat!`/`concat_idents!` macros
      
      [`pastey`]: https://crates.io/crates/pastey
      [`with_builtin_macros`]: https://crates.io/crates/with_builtin_macros
    ├ Announcement: https://github.com/dtolnay/paste
    ├ Solution: No safe upgrade is available!
    ├ paste v1.0.15
      └── libdd-libunwind-sys v0.1.0
          └── libdd-crashtracker v1.0.0

advisories FAILED, bans ok, sources ok

📦 libdd-data-pipeline - 1 error(s)

Show output

error[vulnerability]: Denial of Service via Stack Exhaustion
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:270:1
    │
270 │ time 0.3.41 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0009
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
    ├ ## Impact
      
      When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of
      service attack via stack exhaustion is possible. The attack relies on formally deprecated and
      rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,
      non-malicious input will never encounter this scenario.
      
      ## Patches
      
      A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned
      rather than exhausting the stack.
      
      ## Workarounds
      
      Limiting the length of user input is the simplest way to avoid stack exhaustion, as the amount of
      the stack consumed would be at most a factor of the length of the input.
    ├ Announcement: https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05
    ├ Solution: Upgrade to >=0.3.47 (try `cargo update -p time`)
    ├ time v0.3.41
      └── tracing-appender v0.2.3
          └── libdd-log v1.0.0
              └── (dev) libdd-data-pipeline v3.0.1

advisories FAILED, bans ok, sources ok

📦 libdd-dogstatsd-client - ✅ No issues

📦 libdd-http-client - ✅ No issues

📦 libdd-profiling - ✅ No issues

📦 libdd-shared-runtime - ✅ No issues

📦 libdd-telemetry - ✅ No issues

📦 libdd-trace-obfuscation - ✅ No issues

📦 libdd-trace-utils - ✅ No issues

---

Updated: 2026-04-10 14:31:30 UTC | Commit: 303f6f7 | dependency-check job results

[datadog-prod-us1-3]

🎯 Code Coverage (details)
• Patch Coverage: 100.00%
• Overall Coverage: 71.71% (-0.02%)

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 00e5e11 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!}

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.71%. Comparing base (252c693) to head (00e5e11).

Additional details and impacted files

@@                           Coverage Diff                            @@
##           release/libdd-common/20260410-142518    #1863      +/-   ##
========================================================================
- Coverage                                 71.72%   71.71%   -0.02%     
========================================================================
  Files                                       429      429              
  Lines                                     67887    67887              
========================================================================
- Hits                                      48695    48682      -13     
- Misses                                    19192    19205      +13     

Components	Coverage Δ
libdd-crashtracker	66.22% <ø> (+0.20%)	⬆️
libdd-crashtracker-ffi	36.13% <ø> (+1.65%)	⬆️
libdd-alloc	98.77% <ø> (ø)
libdd-data-pipeline	86.04% <ø> (-0.23%)	⬇️
libdd-data-pipeline-ffi	71.94% <ø> (-1.24%)	⬇️
libdd-common	79.16% <ø> (ø)
libdd-common-ffi	73.87% <ø> (ø)
libdd-telemetry	65.98% <ø> (ø)
libdd-telemetry-ffi	16.75% <ø> (ø)
libdd-dogstatsd-client	82.64% <ø> (ø)
datadog-ipc	73.03% <ø> (-0.08%)	⬇️
libdd-profiling	81.62% <ø> (ø)
libdd-profiling-ffi	64.94% <ø> (ø)
datadog-sidecar	30.79% <ø> (-0.05%)	⬇️
datdog-sidecar-ffi	9.97% <ø> (-0.23%)	⬇️
spawn-worker	54.69% <ø> (ø)
libdd-tinybytes	93.16% <ø> (ø)
libdd-trace-normalization	81.71% <ø> (ø)
libdd-trace-obfuscation	87.24% <ø> (ø)
libdd-trace-protobuf	68.25% <ø> (ø)
libdd-trace-utils	88.72% <ø> (ø)
datadog-tracer-flare	86.88% <ø> (ø)
libdd-log	74.69% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dd-octo-sts]

Artifact Size Benchmark Report

aarch64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.so	7.63 MB	7.63 MB	0% (0 B) 👌
/aarch64-alpine-linux-musl/lib/libdatadog_profiling.a	83.35 MB	83.34 MB	-0% (-808 B) 👌

aarch64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.a	99.40 MB	99.40 MB	-0% (-1.14 KB) 👌
/aarch64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.17 MB	10.17 MB	0% (0 B) 👌

libdatadog-x64-windows

Artifact	Baseline	Commit	Change
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.dll	25.16 MB	25.16 MB	+0% (+1.50 KB) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.lib	78.21 KB	78.21 KB	0% (0 B) 👌
/libdatadog-x64-windows/debug/dynamic/datadog_profiling_ffi.pdb	184.21 MB	184.18 MB	--.01% (-32.00 KB) 💪
/libdatadog-x64-windows/debug/static/datadog_profiling_ffi.lib	916.99 MB	917.33 MB	+.03% (+348.49 KB) 🔍
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.dll	7.88 MB	7.88 MB	+0% (+512 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.lib	78.21 KB	78.21 KB	0% (0 B) 👌
/libdatadog-x64-windows/release/dynamic/datadog_profiling_ffi.pdb	23.64 MB	23.64 MB	0% (0 B) 👌
/libdatadog-x64-windows/release/static/datadog_profiling_ffi.lib	46.13 MB	46.13 MB	+0% (+1.75 KB) 👌

libdatadog-x86-windows

Artifact	Baseline	Commit	Change
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.dll	21.63 MB	21.63 MB	-0% (-512 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.lib	79.42 KB	79.42 KB	0% (0 B) 👌
/libdatadog-x86-windows/debug/dynamic/datadog_profiling_ffi.pdb	188.33 MB	188.31 MB	-0% (-16.00 KB) 👌
/libdatadog-x86-windows/debug/static/datadog_profiling_ffi.lib	902.01 MB	901.81 MB	--.02% (-210.51 KB) 💪
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.dll	6.12 MB	6.12 MB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.lib	79.42 KB	79.42 KB	0% (0 B) 👌
/libdatadog-x86-windows/release/dynamic/datadog_profiling_ffi.pdb	25.31 MB	25.31 MB	0% (0 B) 👌
/libdatadog-x86-windows/release/static/datadog_profiling_ffi.lib	43.60 MB	43.60 MB	+0% (+100 B) 👌

x86_64-alpine-linux-musl

Artifact	Baseline	Commit	Change
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.a	74.47 MB	74.47 MB	-0% (-1.59 KB) 👌
/x86_64-alpine-linux-musl/lib/libdatadog_profiling.so	8.52 MB	8.52 MB	0% (0 B) 👌

x86_64-unknown-linux-gnu

Artifact	Baseline	Commit	Change
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.a	91.77 MB	91.77 MB	+0% (+5.46 KB) 👌
/x86_64-unknown-linux-gnu/lib/libdatadog_profiling.so	10.20 MB	10.20 MB	+0% (+96 B) 👌