Propagate project-scoped flags through exec transitions (https://github.com/bazelbuild/bazel/pull/29232) ### Description This change alters the behavior of the project scope so that flags explicitly defined with this scope correctly propagate through exec transitions instead of being systematically stripped. At target-configuration time, BuildConfigurationKeyProducer enforces the project boundary restrictions. If a target is evaluated outside of the directories defined by its associated PROJECT.scl, the flag value is gracefully reset to its baseline execution defaults. This PR addresses two NullPointerExceptions surfaced when flags propagate natively through these headless environments: 1. Exec configuration and top-level testing pathways frequently parse configurations without assigned target labels (label == null). BuildConfigurationKeyProducer.resetFlags() has been null-guarded to gracefully wipe project-scoped flags from the evaluated configuration when there is no target label context. 2. An edge-case NPE has been fixed where un-scoped Starlark variables dynamically injected back into the options map without corresponding scopeTypeMap metadata incorrectly triggered a verification failure during loop validation. Updated BuildConfigurationValueTest behavior to test execution options against AnalysisTestUtil.execOptions directly instead of artificially piping through getConfiguration() tests (which obscured the transitions raw output since createExec() silently dropped unsupported scopes). Added detailed tests to BuildConfigurationKeyProducerTest explicitly validating boundary enforcement inside and outside of project trees as well as providing guaranteed protection against these headless/null evaluation situations. ### Motivation See https://github.com/bazelbuild/bazel/issues/28320 ### Build API Changes Yes - it changes the behaviour of the 'project' scope flag. ### Checklist - [x] I have added tests for the new use cases (if any). - [ ] I have updated the documentation (if applicable). ### Release Notes RELNOTES: None Closes #29232. PiperOrigin-RevId: 927480714 Change-Id: Ia721c4312a373081e024232d6ca3981dceaae18c
{Fast, Correct} - Choose two
Build and test software of any size, quickly and reliably.
Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.
One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.
Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.
Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.
To report a security issue, please email security@bazel.build with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.
See CONTRIBUTING.md
