question

JackStewart-5866 avatar image
0 Votes"
JackStewart-5866 asked brtrach-MSFT answered

Is support for non-MS runtime languages available from App Service depreciated?

We started digging into an issue at work where one of our security tools was reporting a security vulnerability in the runtime language in some of our app services. I built new webapps to make sure they were fresh and found out the following for each language.

Runtime Language Running Version Days behind latest update
Node.js 16 16.13.0 152
Node.js 14 14.18.2 107
Node.js 12 12.15.0 789
PHP 8 8.0.13 147
PHP 7.4 7.4.25 175
Python 3.9 3.9.7 175
Python 3.8 3.8.12 198
Python 3.7 3.7.12 193
Java 17 17.0.1 182
Java 11 11.0.12 273
Java 8 1.8.0_302 149
Ruby 2.7 2.7.3 372
.NET 6 6.0.201 35
.NET 5 5.0.406 35
.NET Core 3.1 3.1.23 35

It looks like Microsoft is only supporting the .NET languages. Is this the official policy?

azure-webappsazure-webapps-developmentazure-webapps-compliance-reports
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

brtrach-MSFT avatar image
0 Votes"
brtrach-MSFT answered

Hi @JackStewart-5866 Thank you for your question regarding support for 3rd party runtimes. We apologize for the frustration that you have encountered with getting a clear answer.

We are aware of your support case that you opened up and the product group shared that they are aware the current patch cadence is not optimal and they are working on a solution to speed up the delivery of updated runtime and build images.

We understand your main concern is more so around getting a clear answer around the level of support of 3rd party images and less around wanting a workaround. For now, customers who require a stricter update cadence would be advised to use Azure Web App Containers as it gives you greater control over the runtime and build images.

Can you please share what specific runtime language/version you are concerned about and we can see if there possibly is an ETA we can share. Let us know if there is any further feedback or concerns we can share with the product group.


5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.