chore(deps): bump dd-trace from 5.17.0 to 5.20.0

[dependabot[bot]]

Bumps dd-trace from 5.17.0 to 5.20.0.

Release notes

Sourced from dd-trace's releases.

v5.20.0

Features

• appsec: Exploit prevention support for SSRF (DataDog/dd-trace-js#4372) (DataDog/dd-trace-js#4561)
• aws-sdk: Add batchPropagationEnabled env variable configuration for AWS messaging context injection (#4525)
• iast: Add support for Code Injection vulnerability detection (DataDog/dd-trace-js#4488)
• dsm: Implement Data Streams Monitoring (DSM) Public API (#4537)

Bug fixes

• test visibility: Update test code owners extraction logic to use test source file (#4560)
• test visibility: Fix memory leak in workerpool hook #4558, fixing #4551
• test visibility: Fix latest version of vitest #4565

v5.19.0

Improvements

• Add getSpanLimits() #4454
• [appsec] Update waf obfuscator key regex #4498
• [appsec] Update child_process redaction pattern #4509
• [iast] Make iast config available out of experimental config properties #4489

Features

• [test-visibility] Add auto test retries to playwright #4504
• [test-visibility] Add auto test retries to vitest #4513
• [test-visibility] Add auto test retries to cypress #4518
• [test-visibility] Add auto test retries to jest #4530

Bug fixes

• [test visibility] Fix suite-less tests in vitest #4512

v5.18.0

Improvements

• [appsec]: Update appsec rules to 1.12.0 #4398
• [appsec]: Collect request headers on user event #4385
• [iast]: Update native-iast-taint-tracking to 3.0.0 #4464
• [appsec]: Update default appsec obfuscation regex #4472
• [aws-sdk]: Improve AWS SQS Data Streams Monitoring tracing experience #4425

Features

• [test-visibility] Add support for vitest #4415
• [test-visibility] Add automatic flaky test retries to Mocha #4453
• [test-visibility] Flaky test retries for cucumber #4491
• [appsec]: Standalone ASM billing with DD_EXPERIMENTAL_APPSEC_STANDALONE_ENABLED #4291, #4416
• [aws-sdk]: Add batchPropagationEnabled configuration option to inject all messages with trace context during AWS SQS, SNS, and Kinesis batch send operations #4434
• [aws-sdk] feat: add dd_tags to datastreams monitoring stats payload #4481

Bug fixes

• [openai] fix(openai): safe require tiktoken for webpack bundlers #4433
• [test-visibility] Do not unsafely access .steps from test result in playwright #4471
• [esm] upgrade import-in-the-middle to 1.8.1, fix various ESM bugs #4414
• [child_process] default to tracer service name #4417

... (truncated)

Commits

• 6c5fe61 v5.20.0
• fb80cec [test-visibility] Fix latest version of vitest (#4565)
• 6662112 [test visibility] Fix memory leak in workerpool hook (#4558)
• f9edb98 [test-visibility] Update test code owners extraction logic to use test source...
• dcc74b9 Code injection vulnerability detection (#4488)
• 6ab9fd4 Enable rasp by default when appsec is enabled (#4561)
• 0f8c5da Protect undefined locations (#4556)
• eda82c3 Update default AppSec rules to 1.13.0 (#4559)
• d42f110 Use unified Gitlab pipeline for APM libraries (#4397)
• ea344d5 Updates the expected telemetry tags for OTel env-var mapping in line with the...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #724.