HomeDocumentationDiscussions
Documentation

Which Packages Are Used by Which Runnables?

Suggest Edits

Admins and developers can build images in Datatailr containing various package versions, as described in Image Builder.

Periodically you may need to check which packages are used by which images in Datatailr. For instance, if there has been a security alert for a specific package version, you should see which images are using this package version and make sure that those package versions and
images are replaced.

To check which packages are used by which runnables –

  1. Click the Image Manager icon. The following is displayed –
  1. Click the button in the top right corner. The following is displayed –
  1. Click the + in the packages area on the left. The following is displayed –

  1. In the Language field, select programming language in which the package is written –Python, Julia or Rust.

  2. In the Package field, enter the name of the package for which you are searching.

For example, if you type in numpy, the following is displayed, listing all the images that contain this package –

You can also select a specific version in the Version column of the Packages area on the left to be more specific about the list of images to be shown on the right.

  1. Click the Export button in the top right corner of the window to export this list of images as an Excel file to your default Downloads folder. For example, as shown –below –
  1. Send an email notification to each of the Creators and Owners, informing them that the specified package version must be replaced and the images containing it must be rebuilt as described in Image Builder.

Here’s an example of an email that you might send to the developers –

Dear Developers,

I am writing to inform you that a security risk has been detected for a specific version of a Python package that is currently in use within our organization. We have identified that version X.X.X of the package is vulnerable to a known security exploit, and as such, it is imperative that it be replaced as soon as possible.

To mitigate this risk, we request that you replace the affected package with the latest version in all images that contain it and rebuild the image.

Please be aware that failure to address this issue may negatively impact the organization. We take the security of our systems and data very seriously and ask that you do the same.
If you have any questions or need assistance, please do not hesitate to reach out.

Tip – It is not advisable for admins to replace packages and rebuild images on behalf of developers. Developers should take on the responsibility of managing this task themselves.

Updated over 1 year ago