commit | ecf1db0020ac139d10c5067cd0cbd1c2b53c67b6 | [log] [tgz] |
---|---|---|
author | Googler <tjgq@google.com> | Tue May 02 03:25:48 2023 -0700 |
committer | Copybara-Service <copybara-worker@google.com> | Tue May 02 03:27:12 2023 -0700 |
tree | a45f5ede4c4691f528a2a50c9cf7918f194365e8 | |
parent | 6ccb4cd77c60fa61a82b14a1f6c44bea89294594 [diff] |
Add a flag to disallow remote actions from including symlinks in a tree artifact. A tree artifact is currently defined to contain only regular files. If a remote action reports back a symlink, it must be resolved locally, which is generally impossible and potentially non-hermetic. Allowing only the hermetic cases (i.e., where resolution doesn't escape the action's inputs and outputs) entails additional complexity and is of dubious value. So let's instead ban it through an incompatible change. Note that this is distinct from #16361, which calls for the ability to include *unresolved* symlinks in a tree artifact on an opt-in basis. PiperOrigin-RevId: 528731896 Change-Id: Ia48d2ec2fa6d01ce227315c85bbcf5c3f07bb29a
{Fast, Correct} - Choose two
Build and test software of any size, quickly and reliably.
Speed up your builds and tests: Bazel rebuilds only what is necessary. With advanced local and distributed caching, optimized dependency analysis and parallel execution, you get fast and incremental builds.
One tool, multiple languages: Build and test Java, C++, Android, iOS, Go, and a wide variety of other language platforms. Bazel runs on Windows, macOS, and Linux.
Scalable: Bazel helps you scale your organization, codebase, and continuous integration solution. It handles codebases of any size, in multiple repositories or a huge monorepo.
Extensible to your needs: Easily add support for new languages and platforms with Bazel's familiar extension language. Share and re-use language rules written by the growing Bazel community.
Follow our tutorials:
To report a security issue, please email security@bazel.build with a description of the issue, the steps you took to create the issue, affected versions, and, if known, mitigations for the issue. Our vulnerability management team will respond within 3 working days of your email. If the issue is confirmed as a vulnerability, we will open a Security Advisory. This project follows a 90 day disclosure timeline.
See CONTRIBUTING.md