Google Git
Sign in
bazel / bazel / 8c70d7b4ad5a9299f8e0cf7d2209fca0a29fd96f
commit8c70d7b4ad5a9299f8e0cf7d2209fca0a29fd96f[log] [tgz]
authorPeter Lobsinger <plobsing@gmail.com>Thu Nov 09 01:42:25 2023 -0800
committerCopybara-Service <copybara-worker@google.com>Thu Nov 09 01:43:29 2023 -0800
tree649b1669b6060db9342e30edaf4d455c69fd8b21
parentbdcf7ce2ac8e83e2e9569821eb5c9651c45b134a [diff]
Only escape standard BRE metacharacters when preparing grep pattern.

POSIX specifies1 that grep shall by default interpret patterns as Basic Regular Expressions2. BREs only have six metacharacters: .[\*^$; all other characters are interpreted literally. Escaping non-metacharacter characters (ordinary characters) either has the effect of turning them into metacharacters3, or the interpretation is left undefined by the spec.

Because of the potential for unintended interpretations and behaviours, escaping these ordinary characters before using them in a BRE is undesirable. Unintended behaviours may range from benign (e.g. warnings about the invalid escapes) to broken (not matching entries we did intend and/or matching entries we did not intend).

Punctuation characters incorrectly escaped by the prior implementation can come from a few different places:

The ~ used by Bzlmod to manage hierarchies.
From the path to the workspace root - caller path may be absolute.
From paths within the workspace - punctuation characters accepted by Bazel4 for package and target names but are ordinary characters in BREs include !%@"#&'()-+,;<=>?]{|}~.
A small demonstration of this unnecessary escaping is available at: https://github.com/plobsing/bzlmod-bash-runfiles-grep-warning-demo/tree/main

In the example, the unnecessary escaping is reported when the script runs the rlocation function:

grep: warning: stray \ before ~
grep: warning: stray \ before @
Closes #20066.
PiperOrigin-RevId: 580820470
Change-Id: I57218d629cc771a00f05c2da06e97fb0b2ca18fd
1 file changed
tree: 649b1669b6060db9342e30edaf4d455c69fd8b21
  1. .bazelci/
  2. .github/
  3. examples/
  4. scripts/
  5. site/
  6. src/
  7. third_party/
  8. tools/
  9. .bazelrc
  10. .bazelversion
  11. .gitattributes
  12. .gitignore
  13. AUTHORS
  14. bazel_downloader.cfg
  15. BUILD
  16. CHANGELOG.md
  17. CODE_OF_CONDUCT.md
  18. CODEOWNERS
  19. combine_distfiles.py
  20. combine_distfiles_to_tar.sh
  21. compile.sh
  22. CONTRIBUTING.md
  23. CONTRIBUTORS
  24. distdir.bzl
  25. extensions.bzl
  26. LICENSE
  27. maven_install.json
  28. MODULE.bazel
  29. MODULE.bazel.lock
  30. rbe_extension.bzl
  31. README.md
  32. repositories.bzl
  33. requirements.txt
  34. SECURITY.md
  35. WORKSPACE
  36. WORKSPACE.bzlmod
  37. workspace_deps.bzl
README.md

Bazel

{Fast, Correct} - Choose two

Build and test software of any size, quickly and reliably.

  • Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.

  • One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.

  • Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.

  • Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.

Getting Started

Documentation

Reporting a Vulnerability

To report a security issue, please email security@bazel.build with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Contributing to Bazel

See CONTRIBUTING.md

Build status