Open gavin-aguiar opened 11 months ago
Could you please also update this page to reflect the new supported version change? https://learn.microsoft.com/en-us/azure/azure-functions/recover-python-functions?tabs=vscode%2Cbash&pivots=python-mode-decorators#troubleshoot-errors-with-protocol-buffers
Background
Recently, we upgraded
grpcio
andgrpcio-tools
versions to 1.54.2 in the Python worker, which updated the internalprotobuf
to 4.22. This was done to multiple CVEs reported and was required to ensure the security fixes were taken in.This has caused some of the apps to fail with errors:
Root Cause
Since we prioritize the customer's libraries before loading the Python worker dependency, an old version of
protobuf
is loaded, which conflicts with the newer version used by the worker.How to Mitigate
PYTHON_ISOLATE_WORKER_DEPENDENCIES
to 1. This will force workers to isolate its dependencies and not use those brought with the app. Orgrpcio
,grpcio-tools
and/orprotobuf
to at least 1.54.2 or 4.22.