feat(stats)!: implement span derived primary tags

[duncanpharvey]

What does this PR do?

A brief description of the change being made with this pull request.

Motivation

Support span derived primary tags for Serverless.

https://datadoghq.atlassian.net/browse/SVLS-8032

Additional Notes

Relates to DataDog/serverless-components#51

How to test the change?

Describe here in detail how the change can be validated.

[github-actions]

📚 Documentation Check Results

⚠️ 1424 documentation warning(s) found

📦 libdd-data-pipeline - 864 warning(s)

📦 libdd-trace-stats - 560 warning(s)

---

Updated: 2026-03-27 19:07:52 UTC | Commit: 2cf62fe | missing-docs job results

[github-actions]

🔒 Cargo Deny Results

⚠️ 1 issue(s) found, showing only errors (advisories, bans, sources)

📦 libdd-data-pipeline - 1 error(s)

Show output

error[vulnerability]: Denial of Service via Stack Exhaustion
    ┌─ /home/runner/work/libdatadog/libdatadog/Cargo.lock:275:1
    │
275 │ time 0.3.41 registry+https://github.com/rust-lang/crates.io-index
    │ ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ security vulnerability detected
    │
    ├ ID: RUSTSEC-2026-0009
    ├ Advisory: https://rustsec.org/advisories/RUSTSEC-2026-0009
    ├ ## Impact
      
      When user-provided input is provided to any type that parses with the RFC 2822 format, a denial of
      service attack via stack exhaustion is possible. The attack relies on formally deprecated and
      rarely-used features that are part of the RFC 2822 format used in a malicious manner. Ordinary,
      non-malicious input will never encounter this scenario.
      
      ## Patches
      
      A limit to the depth of recursion was added in v0.3.47. From this version, an error will be returned
      rather than exhausting the stack.
      
      ## Workarounds
      
      Limiting the length of user input is the simplest way to avoid stack exhaustion, as the amount of
      the stack consumed would be at most a factor of the length of the input.
    ├ Announcement: https://github.com/time-rs/time/blob/main/CHANGELOG.md#0347-2026-02-05
    ├ Solution: Upgrade to >=0.3.47 (try `cargo update -p time`)
    ├ time v0.3.41
      └── tracing-appender v0.2.3
          └── libdd-log v1.0.0
              └── (dev) libdd-data-pipeline v3.0.0

advisories FAILED, bans ok, sources ok

📦 libdd-trace-stats - ✅ No issues

---

Updated: 2026-03-27 19:10:45 UTC | Commit: 2cf62fe | dependency-check job results

[github-actions]

Clippy Allow Annotation Report

Comparing clippy allow annotations between branches:

• Base Branch: origin/main
• PR Branch: origin/duncan-harvey/libdd-trace-stats-span-derived-primary-tags

Summary by Rule

Rule	Base Branch	PR Branch	Change
unwrap_used	1	1	No change (0%)
Total	1	1	No change (0%)

Annotation Counts by File

File	Base Branch	PR Branch	Change
libdd-data-pipeline/src/stats_exporter.rs	1	1	No change (0%)

Annotation Stats by Crate

Crate	Base Branch	PR Branch	Change
clippy-annotation-reporter	5	5	No change (0%)
datadog-ffe-ffi	1	1	No change (0%)
datadog-ipc	20	20	No change (0%)
datadog-live-debugger	6	6	No change (0%)
datadog-live-debugger-ffi	10	10	No change (0%)
datadog-profiling-replayer	4	4	No change (0%)
datadog-remote-config	3	3	No change (0%)
datadog-sidecar	55	55	No change (0%)
libdd-common	10	10	No change (0%)
libdd-common-ffi	12	12	No change (0%)
libdd-data-pipeline	5	5	No change (0%)
libdd-ddsketch	2	2	No change (0%)
libdd-dogstatsd-client	1	1	No change (0%)
libdd-profiling	13	13	No change (0%)
libdd-telemetry	19	19	No change (0%)
libdd-tinybytes	4	4	No change (0%)
libdd-trace-normalization	2	2	No change (0%)
libdd-trace-obfuscation	8	8	No change (0%)
libdd-trace-utils	15	15	No change (0%)
Total	195	195	No change (0%)

About This Report

This report tracks Clippy allow annotations for specific rules, showing how they've changed in this PR. Decreasing the number of these annotations generally improves code quality.

[codecov-commenter]

Codecov Report

❌ Patch coverage is 98.63636% with 3 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.26%. Comparing base (102231d) to head (49ba1c9).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1815      +/-   ##
==========================================
+ Coverage   71.20%   71.26%   +0.06%     
==========================================
  Files         414      414              
  Lines       65914    66119     +205     
==========================================
+ Hits        46931    47119     +188     
- Misses      18983    19000      +17     

Components	Coverage Δ
libdd-crashtracker	65.22% <ø> (-0.11%)	⬇️
libdd-crashtracker-ffi	34.47% <ø> (-0.77%)	⬇️
libdd-alloc	98.77% <ø> (ø)
libdd-data-pipeline	86.54% <100.00%> (-0.74%)	⬇️
libdd-data-pipeline-ffi	69.94% <ø> (-4.23%)	⬇️
libdd-common	79.79% <ø> (ø)
libdd-common-ffi	73.87% <ø> (ø)
libdd-telemetry	62.48% <ø> (ø)
libdd-telemetry-ffi	16.75% <ø> (ø)
libdd-dogstatsd-client	82.64% <ø> (ø)
datadog-ipc	70.31% <ø> (-2.25%)	⬇️
libdd-profiling	81.62% <ø> (ø)
libdd-profiling-ffi	64.94% <ø> (ø)
datadog-sidecar	31.62% <ø> (+0.92%)	⬆️
datdog-sidecar-ffi	13.26% <ø> (+4.34%)	⬆️
spawn-worker	54.69% <ø> (ø)
libdd-tinybytes	93.16% <ø> (ø)
libdd-trace-normalization	81.71% <ø> (ø)
libdd-trace-obfuscation	87.24% <ø> (ø)
libdd-trace-protobuf	68.25% <ø> (ø)
libdd-trace-utils	88.64% <ø> (ø)
datadog-tracer-flare	86.88% <ø> (ø)
libdd-log	74.69% <ø> (ø)

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[datadog-prod-us1-5]

✅ Tests

🎉 All green!

❄️ No new flaky tests detected
🧪 All tests passed

🎯 Code Coverage (details)
• Patch Coverage: 98.64%
• Overall Coverage: 71.26% (+0.04%)

_{This comment will be updated automatically if new data arrives.
🔗 Commit SHA: 49ba1c9 | Docs | Datadog PR Page | Was this helpful? React with 👍/👎 or give us feedback!}