Google Git
Sign in
bazel / bazel / c72aba4fb58cdc33a63adeb0c537d513293a8c4d
commitc72aba4fb58cdc33a63adeb0c537d513293a8c4d[log] [tgz]
authorGoogler <noreply@google.com>Wed Oct 23 08:59:27 2024 -0700
committerCopybara-Service <copybara-worker@google.com>Wed Oct 23 09:00:40 2024 -0700
tree2e4591a7ecfaca3aaf6d7973b0109f1d5245c436
parent3715cd6e8ea027b443dc80276a77fcd95ed1e357 [diff]
Add a warning that `$(SRCS)` and `$(OUTS)` are in fact not safe to interpolate into commands without processing.

The fix suggested here was necessary when a genrule consumed a target with a `'` in its name (which in a turn consumed a source file also with this character in its name).

There the approach used was:
```python
def _extract_makevar_array(name):
    """
    Extracts the contents of the make variable `$(NAME)` into an array variable `$${NAME}`.

    This makes it possible to correctly handle cases where `$(NAME)` contains special characters.
    It probably still doesn't work if `$(NAME)` contains spaces.
    """
    return """
mapfile %s <<< "$$(sed -e 's/ /\\n/g' <<'a_long_unique_identifier'
$(%s)
a_long_unique_identifier
)"
""" % (name, name)
```
and passing `cmd = _extract_makevar_array("SRCS") + """for F in "$${SRCS[@]}"; do echo $F; done"""`.

PiperOrigin-RevId: 688984848
Change-Id: I798372778e4b46252902731585cb0b55f1166f36
1 file changed
tree: 2e4591a7ecfaca3aaf6d7973b0109f1d5245c436
  1. .bazelci/
  2. .github/
  3. examples/
  4. scripts/
  5. site/
  6. src/
  7. third_party/
  8. tools/
  9. .bazelrc
  10. .bazelversion
  11. .gitattributes
  12. .gitignore
  13. AUTHORS
  14. bazel_downloader.cfg
  15. BUILD
  16. CHANGELOG.md
  17. CODE_OF_CONDUCT.md
  18. CODEOWNERS
  19. combine_distfiles.py
  20. combine_distfiles_to_tar.sh
  21. compile.sh
  22. CONTRIBUTING.md
  23. CONTRIBUTORS
  24. distdir.bzl
  25. extensions.bzl
  26. LICENSE
  27. maven_install.json
  28. MODULE.bazel
  29. MODULE.bazel.lock
  30. rbe_extension.bzl
  31. README.md
  32. repositories.bzl
  33. requirements.txt
  34. SECURITY.md
  35. workspace_deps.bzl
README.md

Bazel

{Fast, Correct} - Choose two

Build and test software of any size, quickly and reliably.

  • Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.

  • One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.

  • Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.

  • Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.

Getting Started

Documentation

Reporting a Vulnerability

To report a security issue, please email security@bazel.build with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.

Contributing to Bazel

See CONTRIBUTING.md

Build status