IBM QRadar SOAR Python Libraries v51.0.1.0.695

By Bo Bleckel posted Wed February 14, 2024 10:17 AM

  

Our following Python Libraries have been updated to version 51.0.1.0.695:

What’s New

Version 51.0.1.0.695 of the IBM Security QRadar SOAR Python libraries introduces helpful new resilient-sdk commands, official support for Python 3.11, a new Docker base image, important security updates, and more.

Python 3.11

This major update introduces official support for Python 3.11 and a new Docker base image to support that. Here’s what you need to know about this change.

The apps that IBM develops will begin to move to Python 3.11 immediately. If you use these apps in the container format through App Host or Edge Gateway, you don’t need to do anything; all apps will be updated automatically for you and you can ignore the rest of this message. This is a major benefit of the container format, and we strongly recommend that, if you are not already using apps on App Host, you move there as soon as you can.

If you run IBM, vendor, or community published apps on an integration server, be aware that support for 3.11 will come to those apps over time. Many of them will work on 3.11 already without any changes needed. We will continue to officially support Python 3.11 and 3.9, as well as 3.6 and 2.7, for integration servers. Despite official support for these versions, we strongly recommend that, if you are using an integration server, you move to Python 3.9 or 3.11 as soon as possible. We will make some apps support only version 3.9 or greater for integration server installations.

Why are we moving to Python 3.11? Many of the dependent libraries that our apps rely on have long since moved beyond 3.6 and 2.7. Those libraries are no longer receiving security patches or feature updates. This poses a large risk for apps because we cannot publish vulnerable code. With that in mind, we are continuously updating our Python environment to support the latest industry standards. This is why we strongly recommend you move to App Host. In the App Host environment, we have control over the app’s dependencies and can directly address vulnerabilities. We are constantly refreshing our apps with the latest versions of the OS and Python packages required to run each app safely. However, we do understand that in some circumstances running apps on an integration server can be useful.

Please note that this Python version update applies only to apps and their functions. There is no effect on the Python version used to run scripts in Playbooks or Workflows, which is independent of the app Python version.

Change Log

resilient-sdk

  • Added new list command
  • Updated the init command to include an option to create a basic app.config file for developing with the resilient-sdk
  • Updated the codegen to take advantage of the new Docker base image. It is recommended that you update your apps to use this new template. To bring in the new template, simply rename the current Dockerfile to Dockerfile.bak so that your changes are not lost. Then run resilient-sdk codegen --reload. You will notice the new Dockerfile, which you can now use to build container images for your apps. The base image has both 3.11 and 3.9 versions to work with. We recommend you build your apps with 3.11 to take advantage of the latest Python features.

resilient-circuits

  • Selftest now outputs the pip environment for easier debugging upon failures

You can update your copies of each package using the pip install --upgrade command. For example:

pip install --upgrade "resilient-circuits>=51.0.1.0.695" --upgrade "resilient-sdk>=51.0.1.0.695"

Check out the Change Log and our docs at https://ibm.biz/soar-python-docs for more details.
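A pre-upgrade check for an integration server, as an added example that is not part of the original post or IBM's code: it classifies the running interpreter against the version policy described above and reports whether resilient-circuits and resilient-sdk meet the 51.0.1.0.695 minimum. The function names are hypothetical, and it assumes versions compare as dotted integers.

```python
import re
import sys

MIN_VERSION = "51.0.1.0.695"                 # release announced in this post
PACKAGES = ("resilient-circuits", "resilient-sdk")
RECOMMENDED = {(3, 9), (3, 11)}              # the post recommends moving here
LEGACY = {(3, 6), (2, 7)}                    # still supported, but discouraged

def parse_version(text):
    """'51.0.1.0.695' -> (51, 0, 1, 0, 695); numeric parts only (simplification)."""
    return tuple(int(n) for n in re.findall(r"\d+", text))

def classify_python(version_info):
    """Classify an interpreter by its (major, minor) against the post's policy."""
    key = (version_info[0], version_info[1])
    if key in RECOMMENDED:
        return "recommended"
    return "legacy" if key in LEGACY else "unlisted"

def check_package(installed, minimum=MIN_VERSION):
    """installed is a version string, or None when the package is absent."""
    if installed is None:
        return "missing"
    return "ok" if parse_version(installed) >= parse_version(minimum) else "outdated"

def installed_version(name):
    """Installed version of a distribution, or None; works on old interpreters."""
    try:
        from importlib import metadata       # Python 3.8+
    except ImportError:
        import pkg_resources                 # setuptools fallback for 3.6 / 2.7
        try:
            return pkg_resources.get_distribution(name).version
        except pkg_resources.DistributionNotFound:
            return None
    try:
        return metadata.version(name)
    except metadata.PackageNotFoundError:
        return None

def audit(version_info=None, lookup=installed_version):
    """Return (python_status, {package: status}) for an environment."""
    info = version_info or sys.version_info
    return classify_python(info), {p: check_package(lookup(p)) for p in PACKAGES}

if __name__ == "__main__":
    py_status, packages = audit()
    print("Python {}.{}: {}".format(sys.version_info[0], sys.version_info[1], py_status))
    for name, status in sorted(packages.items()):
        print("{}: {} (minimum {})".format(name, status, MIN_VERSION))
```

Run it with the same interpreter that runs resilient-circuits, so that the packages it inspects are the ones the apps actually load.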

Comments

Mon April 08, 2024 08:43 AM

Hi @Marsid Bicaku

No, it is not possible. You can only access the SOAR Python libraries (resilient, resilient-circuits, resilient-lib...) outside of the platform scripting service. 

You'll have to either implement a custom app/function to achieve this or explore the functions that the "Datatable Utilities App" provides which might be able to help you with your use case.

Mon April 08, 2024 05:03 AM

Hi @Bo Bleckel,

Is it possible to use the Resilient Python library inside a Resilient script?
My use case is to check if a specific row with a specific row field exists in a DataTable, in order to decide whether to add a new row or not.

I tried to import the Resilient library but I get this error: An error occurred while processing the action acknowledgement. Additional information: Script 'post process' from Playbook 'Defender: Refresh Incident' was unable to complete because: ResilientSecurityException: Script contains the following illegal imports: "resilient"