Bump com.datadoghq:dd-java-agent from 1.42.1 to 1.43.0 in /keycloak/dd-fetch

[dependabot]

Bumps com.datadoghq:dd-java-agent from 1.42.1 to 1.43.0.

Release notes

Sourced from com.datadoghq:dd-java-agent's releases.

1.43.0

Components

Application Security Management (IAST)

• ✨ Add propagation to StringBuffer substring methods (#7992 - @​Mariovido)
• 🐛 Fix issue with call sites in super calls to constructor (#7991 - @​manuel-alvarez-alvarez)
• ✨ Add propagation to StringBuilder substring methods (#7980 - @​Mariovido)
• 🐛 Reset IAST request context on root span published (#7969 - @​manuel-alvarez-alvarez)
• ✨ Add propagation to String constructors with StringBuffer and StringBuilder (#7966 - @​Mariovido)
• 🐛 Do not reset IAST concurrent request counter (#7963 - @​smola)
• ✨ Exclude spark web from vulnerability locations (#7939 - @​smola)
• 🐛 Exclude dev.failsafe from IAST instrumentation (#7938 - @​smola)
• ✨ Exclude okio from vulnerability locations (#7937 - @​smola)
• ✨ Expand SSRF support in IAST to java.net.http.HttpClient (#7877 - @​Mariovido)
• Fix stack trace inconsistency between excluded frames in vulnerability location and metastruct stack trace (#7865 - @​jandro996)
• ✨🧪 Add experimental taint propagation to the String replace, replaceFirst, replaceAll methods (#7741 - @​Mariovido)

Application Security Management (WAF)

• Upgrade to libddwaf 1.21.0 (libddwaf-java 11.2.0) (#7993 - @​ValentinZakharov)
• Updated ASM rules to 1.13.3 (#7976 - @​ValentinZakharov)
• ✨ Prevent spans from having login success and failure events simultaneously (#7918 - @​manuel-alvarez-alvarez)
• Add support for session tracking in jetty (#7837 - @​manuel-alvarez-alvarez)
• Extend support for SSRF in exploit prevention (#7376 - @​jandro996)

Build & Tooling

• ✨ Add JMXFetch to SSI Guardrails denylist (#7970 - @​PerfectSlayer)
• 🐛 Remove SSI guardrails entries for hbase and hive (#7916 - @​PerfectSlayer)

Continuous Integration Visibility

• 🐛 Instrument Gradle Launcher to avoid overwriting org.gradle.jvmargs property (#8001 - @​nikita-tkachenko-datadog)
• Add source line tags to test suites (#7964 - @​daniel-mohedano)

Crash tracking

• 🐛 Improve crashtracking support for older Bash versions (#7956 - @​PerfectSlayer)
• ✨ Adjust crash upload timeout (#7905 - @​dougqh)
• ✨ Use telemetry 'is_sensitive' attribute instead of redacting the crash stacktrace (#7899 - @​jbachorik)

Data Streams Monitoring

• Support service name overrides for DSM (#7798 - @​kr-igor)

Dynamic Instrumentation

• 🐛 Fix integer json parsing probe definition (#7957 - @​jpbempel)
• 🐛 Fix NullPointerException Extracting Class symbols (#7934 - @​jpbempel)

... (truncated)

Commits

• f2d21ae Reenable kafka 3.8 by default (#8007)
• 565afcd Add propagation to String constructors with StringBuffer and StringBuilder (#...
• b055376 Instrument Gradle Launcher to avoid overwriting org.gradle.jvmargs property (...
• b36006c Use existence of MetadataRecoveryStrategy to decide whether to apply pre-3.8 ...
• 52cf791 Fix the temp location manager on J9 (#8002)
• 4925a50 Fix issue with call sites in super calls to constructor (#7991)
• c8030bd Increase lambda extension request timeout (#7986)
• 79ca6e4 Common temporary location manager for profiling product (#7971)
• 9078a8c Refactor tests of StringBuffer substring (#8000)
• bdfcc9b Mute some static analysis rules (#7999)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)