Enable --incompatible_sandbox_hermetic_tmp by default
#19943
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
fmeum
force-pushed
the
19915-flip-sandbox-hermetic-tmp
branch
2 times, most recently
from
92ec681
to
3b9cc81
Compare
|
@lberki The remaining test failure is non-trivial and, as far as I can tell, related to your change in 8e32f44#diff-8c52a700c4bfaf7d29a4b9baf18b51c9fa3d78d1c47a765dcddf016fb1541239R350-R353: The sandbox binary verifies that the working directory lies under the sandbox directory simply based on a prefix check, which doesn't account for the bind mounting trick. I am not sure how important the check is. What would be your preferred way to fix this? |
|
I assume we are talking about This one? How does this error condition not get flagged every time If that question has a reasonable answer, I think the right approach is to remove that check; it seems to have been added in the unrelated pull request #13279 (cc @larsrc-google in case he has other opinions) |
|
@lberki It looks like this error does get flagged every time with the hermetic Linux sandbox and the flipped flag. I could look into making the check more realistic (e.g. use actual FS operations), but I would also prefer to just get rid of it. |
fmeum
force-pushed
the
19915-flip-sandbox-hermetic-tmp
branch
from
3b9cc81
to
f035547
Compare
|
CI is failing without the check: |
|
Oof, this is a problem. Turns out, This may be fixable by changing the directory to chroot into, but at least at HEAD, it sure looks like a fundamental incompatibility between these two flags :( |
|
I give up for today. Here is what I have discovered so far:
Yet, with all these changes, the It looks like today's two hours of coding time was not enough to get to the end of this :( |
|
@lberki Thanks for the detailed write-up! Given how tricky this turned out to resolve, would you support disabling |
|
Sounds like a plan. I hope I can get around debugging this, but in the meantime, what you suggest is the most obvious solution. Maybe @oquenchil has an idea? |
If I remember correctly, that's because we want to make everything except the working directory read-only. We do that by mounting the working directory on top of itself, then remounting all mount-points except the one for the working directory read-only. If the working directory weren't its own mount point, it would also become read-only when we remount its parent mount point read-only. In general, the sandbox code contains a lot of "lol, why is this so complex, we can just [...]" parts that are there for a good reason and will fail in the most horrible, flaky way possible if you change them. ;) Oh, the nightmares from the race conditions in the signal handling code... or the weird trick how to mount a fresh procfs inside the sandbox.. 🙀 |
|
Ah, that's why you do the remount! Now I remember that you told me that, I cleverly didn't add a comment, then forgetting it. The lesson about proper software engineering practices is obvious :) Yeah, I understand that the code of the sandbox is famously delicate AND signal handling in Unix is famously arcane. I'll continue digging then as time allows. |
|
Okay, I got this. It's not some incredibly arcane namespace-related stuff. It's that the the sandbox process takes interprets mount targets differently: relative to the sandbox root when in hermetic mode and as absolute path when not in hermetic mode. It makes some amount of sense, but it sure threw me a curveball. |
|
...and now that I put my brain in gear, I realized that implementing hermetic tmp with the hermetic sandbox is stupidly simple: since we already do a Fix coming (as soon as I can find a reviewer for it) |
|
...and it turns out that the sandbox wrapper process already does that |
|
491284b should fix the |
fmeum
force-pushed
the
19915-flip-sandbox-hermetic-tmp
branch
2 times, most recently
from
1818a82
to
0a95ee2
Compare
github-actions
bot
added
awaiting-review
|
In the absence of @oquenchil , I decree that this is fit to be merged. (cc @tjgq in case he feels otherwise) |
lberki
approved these changes
Nov 6, 2023
lberki
added
awaiting-PR-merge
|
SGTM |
|
@bazel-io flag |
bazel-io
added
the
potential release blocker
|
@bazel-io fork 7.0.0 |
bazel-io
removed
the
potential release blocker
github-actions
bot
removed
the
awaiting-PR-merge
bazel-io
pushed a commit
to bazel-io/bazel
that referenced
this pull request
Nov 10, 2023
Fixes bazelbuild#3236 Closes bazelbuild#19915 RELNOTES[INC]: `--incompatible_sandbox_hermetic_tmp` is enabled by default. See bazelbuild#19915 for migration advice. Closes bazelbuild#19943. PiperOrigin-RevId: 581165770 Change-Id: I0d98102f10b1e47c1d8fcf32fb1f7dee5ae0788c
keertk
pushed a commit
that referenced
this pull request
Nov 10, 2023
Fixes #3236 Closes #19915 RELNOTES[INC]: `--incompatible_sandbox_hermetic_tmp` is enabled by default. See #19915 for migration advice. Closes #19943. Commit e2c0276 PiperOrigin-RevId: 581165770 Change-Id: I0d98102f10b1e47c1d8fcf32fb1f7dee5ae0788c Co-authored-by: Fabian Meumertzheim <fabian@meumertzhe.im>
copybara-service bot
pushed a commit
that referenced
this pull request
Dec 11, 2023
Baseline: d60ce2c Release Notes: + **[Incompatible]** This has the side effect of changing the message on unsuccessful builds from ``` FAILED: Build did NOT complete successfully (0 packages loaded) ``` to ``` ERROR: Build did NOT complete successfully ``` + The new path variable `$(rlocationpath ...)` and its plural form `$(rlocationpaths ...)` can be used to expand labels to the paths accepted by the `Rlocation` function of runfiles libraries. This is the preferred way to access data dependencies at runtime and works on all platforms, even when runfiles are not enabled (e.g., on Windows by default). + The `aquery` and `cquery` commands now respect the `--query_file` flag just like the `query` command. + **[Incompatible]** the --experimental_async_execution flag is now a no-op. + **[Incompatible]** --experimental_replay_action_out_err is not a no-op. + **[Incompatible]** `cquery --output=files` also outputs source files. + removed outdated ctx.host_fragments + **[Incompatible]** When multiple --deleted_packages options are passed on the command line, they will be concatenated instead of the latest one taking effect. + removed outdated ctx.host_configuration + **[Incompatible]** JSON profile: Use doubles instead of strings for counter series. + Now that the host configuration is finished, `genrule` should prefer the use of `tools` and stop using `exec_tools`. + **[Incompatible]** --experimental_build_transitive_python_runfiles is flipped to false. See #16303 for details + **[Incompatible]** --incompatible_python_disable_py2 is flipped to true. See #17293 for details. + Update Android manifest merger to v30.1.3, and also drop support for legacy (pre-D8) desugaring. + Correctly encode double value positive infinity as "inf" instead of "+inf" for textprotos. + **[Incompatible]** When remote cache evicts blobs, Bazel will exit with code 39. + Add --use_target_platform_for_tests which uses the target platform for executing tests instead of the execution platform. + **[Incompatible]** `--features` only applies to targets built in the target configuration, and `--host_features` is used for the host / exec configuration (gated behind `--incompatible_use_host_features`) + Custom C++ rules on Windows calling cc_common.create_linking_context_from_compilation_outputs should review whether each target of the rule type should produce a dynamic library since a condition which blocked their creation has been moved to the rules from behind the API. + Add flag `--experimental_remote_cache_ttl` and set the default value to 3 hours. + making --incompatible_use_platforms_repo_for_constraints do nothing. Using constraints from @bazel_tools//platforms with or without the flag will throw error with message "Constraints from @bazel_tools//platforms have been removed. Please use constraints from @platforms repository embedded in Bazel, or preferably declare dependency on https://github.com/bazelbuild/platforms" + **[Incompatible]** Bazel's local CPU resource on Linux is now container aware. Use `--local_cpu_resources`, `--loading_phase_threads` or `--jobs` to override. + Subsequent settings of --extra_execution_platforms now override previous settings, instead of adding them to a list. If you currently set --extra_execution_platforms more than once, please migrate by passing a list of values to --extra_execution_platforms instead so that earlier values aren't overwritten. + @bazel_tools//config:common_settings.bzl has been removed. Use @bazel_skylib//rules:common_settings.bzl instead. + **[Incompatible]** `copy_from_rule` is exec_groups is deprecated (#17668). + cc_shared_library is no longer experimental, see #16709 for details + **[Incompatible]** --legacy_bazel_java_test is now a no-op + The flag `--distinct_host_configuration` is removed. It has been a no-op since Bazel 6.0.0. + Add `--skip_incompatible_explicit_targets` option + **[Incompatible]** `--experimental_execution_graph_log` no longer exists. Current users that want local logs need to pass `--experimental_enable_execution_graph_log --experimental_execution_graph_log_path=/some/local/path`. Current users that want logs uploaded to BEP need to pass `--experimental_enable_execution_graph_log --experimental_stream_log_file_uploads`. + Remove 'darwin' as a CPU value, use 'darwin_x86_64' instead + **[Incompatible]** Remove 'darwin' as a CPU value, use 'darwin_x86_64' instead + cc_test can now be configured by using a native.toolchain(). + The location of rules that explicitly specify `generator_name` and/or `generator_function` attributes (typically because they are incidentally copied from `native.existing_rule()`) is now the top-level call in the `BUILD` file, which is consistent with rules that do not explicitly specify these attributes. + Warnings (most notably those associated with the `deprecation` rule attribute) are no longer replayed on subsequent invocations unless the target in question is re-analyzed. Warnings are purely informational, so this change has no bearing on the correctness of the build. Downstream tests that break due to this change should update their expectations. + `--experimental_remote_build_event_upload` has been renamed to `--remote_build_event_upload` + **[Incompatible]** Remove high priority workers functionality from blaze. + [Breaking change] platform, constraint_setting, and constraint_value can no longer take an applicable_licenses value. Remediation is to remove the attribute and rely on the package level default. + `--experimental_action_cache_store_output_metadata` has been renamed to `--action_cache_store_output_metadata` + Changed the default value for `--remote_build_event_upload` to `minimal`. + `--experimental_remote_cache_compression` has been renamed to `--remote_cache_compression` + Added a new `max_compatibility_level` attribute to the `bazel_dep` directive, which allows version selection to upgrade a dependency up to the specified compatibility level. + `--experimental_remote_grpc_log` has been renamed to `--remote_grpc_log` + `--incompatible_remote_build_event_upload_respect_no_cache` is now a no-op. + json.decode now takes an optional `default` positional parameter; if this parameter is specified and decoding fails, json.decode will return the `default` value instead of failing Starlark evaluation. + --experimental_repository_disable_download is now promoted to stable and is also available under the name --repository_disable_download . + `applicable_licenses` is no longer allowed on the `platform` rule. Additionally, `default_package_metadata` from any `package` rule will not be applied. + **[Incompatible]** Duplicates in <rule-inputs> when using `query --output=xml --aspect_deps=precise` are removed. Added flag `--proto:include_attribute_source_aspects` that will include a new field `source_aspect_name` to the `Attribute` message that indicates the source aspect that the attribute comes from. + Options specified on the pseudo-command `common` in `.rc` files are now ignored by commands that do not support them as long as they are valid options for *any* Bazel command. Previously, commands that did not support all options given for `common` would fail to run. These previous semantics of `common` are now available via the new `always` pseudo-command. + **[Incompatible]** `--incompatible_check_sharding_support` is enabled by default. Sharded tests with test runners that do not properly advertise support for test sharding will fail. Refer to #18339 for migration advice. + the 'default' param of json.decode can now be used as a keyword parameter. + As a transitional step in a larger refactoring, rule transitions are applied twice. Once during dependency resolution and once right before analysis of those rules. After the refactoring is complete, rule transitions will be applied only once. + Add aquery --output=streamed_proto which writes a stream of length delimited ActionGraphContainer containing a single Artifact, Action, Target, DepSetOfFiles, Configuration, AspectDescriptor, RuleClass, PathFragment proto. This breaks up the ActionGraphContainer into multiple which will prevent large protos from crashing blaze. + (BEP) TargetConfigured events will be marked aborted instead of published when there is an analysis error. This is motivated by a low level Blaze change aimed at improving scalability. + **[Incompatible]** cc_binary targets with dynamic_deps attributes no longer link indirect dynamic_deps on Unix. This might be an incompatible change if you are using RUNPATHs (instead of RPATHs) in your cc_shared_libraries. Enable the feature "exclude_bazel_rpaths_in_transitive_libs" or "use_rpath_instead_of_runpath" for those cc_shared_libraries. + Enable starlark_doc_extract - a native rule for Starlark documentation extraction. This rule is intended mainly for internal use by Stardoc. + **[Incompatible]** Remove deprecated and unused `--experimental_show_artifacts` flag. + Added the target path of an UnresolvedSymlink action to the aquery results + Additional source inputs can now be specified for compilation in cc_library targets using the additional_compiler_inputs attribute, and these inputs can be used in the $(location) function. + More descriptive error messages for unexpected cc absolute includes; unexpected absolute includes for cc compiles shouldn't be reported as "undeclared inclusion(s)" + Enable C++ branch coverage if gcov version is 8 or newer. + Deduplicates the result of split transitions uniformly, regardless of whether they are Starlark or native transitions. This used to apply only if either the attribute or rule transition contained a Starlark transition. + Support for optimizers rewriting baseline profiles. + This is a breaking change. `cc_host_toolchain_alias` rule is obsolete and can be interchangeably used with `cc_toolchain_alias` rule. + Fixes non-ascii arguments written to parameter files as mojibake. + NA + The `genrule` attribute `exec_tools` will be removed in a future Bazel release. Please follow directions at #19132 to migrate away from it. + **[Incompatible]** Removed multi_arch_split, use transition_support.apple_platform_split_transition from rules_apple instead. + Supports for android_binary.startup_profiles attribute. + **[Incompatible]** Removed apple_crosstool_transition, use transition_support.apple_rule_transition from rules_apple instead. + **[Incompatible]** Drop deprecated 'transitive_deps', 'transitive_runtime_deps' from JavaInfo + **[Incompatible]** The --android_include_proguard_location_references flag is not supported anymore. + **[Incompatible]** The --apple_compiler command line option is not available anymore. + `rule()` and `attr.*` can no longer be (pointlessly) called during WORKSPACE evaluation and repository rule evaluation. + Expands baseline profile wildcards before optimizer tools see them. + **[Incompatible]** --no_proguard_location_reference is now added unconditionally to the command line of aapt2. + **[Incompatible]** The command line flag --apple_enable_auto_dsym_dbg is not supported anymore. + **[Incompatible]** The --apple_compiler command line option is not available anymore. + **[Incompatible]** py_transitions top-level was removed. + Android resources will no longer propagate through neverlinked libraries by default. + Set Android Databinding to v2 and Databinging AndroidX to true and remove support for Databinding V1. + Added whether or not a FileWrite action's output is executable to the aquery results + --use_single_jar_apk_builder is removed. It's been a no-op for years. + **[Incompatible]** --incompatible_merge_fixed_and_default_shell_env is flipped to true. See #19317 for details. + JVM options in environment variables JAVA_TOOL_OPTIONS and JDK_JAVA_OPTIONS now do not get to the server; use --host_jvm_args instead. + --remote_download_minimal no longer implies --nobuild_runfile_links. + attr objects in Starlark now use value equality rather than reference equality. + **[Incompatible]** `cmd_helper` module was removed + **[Incompatible]** `ctx.new_file` was removed, `ctx.actions.declare_file` is to be used instead. + **[Incompatible]** Fails on unknown attributes (even when set to None). See #19403 + Change output paths to consistently start with [cpu]-[compilation_mode] along with other cleanups to output path generation logic. + Compilation actions using the auto-configured MSVC toolchain are forced to emit error messages in English if the English language pack for Visual Studio is installed. + **[Incompatible]** Flip incompatible_enable_cc_toolchain_resolution (#7260) + The new `--consistent_labels` option on `query`, `cquery`, and `aquery` can be used to force consistent label formatting across all output modes that is also compatible with `str(Label(...))` in Starlark. + **[Incompatible]** proto_compiler attribute removed from proto_lang_toolchain (it was recently introduced, and there is no evidence of use) + **[Incompatible]** --experimental_genquery_use_graphless_query is made to be a NO-OP. + **[Incompatible]** The --call_count_output_path command line option is not supported anymore. + **[Incompatible]** The no-op --dynamic_worker_strategy command line option is no available anymore. + **[Incompatible]** the --experimental_allow_top_level_aspects_parameters, --experimental_async_execution, --experimental_availability_info_exempt, --experimental_dynamic_execution_cpu_limited, --experimental_dynamic_skip_first_build, --experimental_keep_config_nodes_on_analysis_discard, --experimental_local_memory_estimate, --experimental_multi_cpu, --experimental_multi_threaded_digest, --experimental_replay_action_out_err and --experimental_shortened_obj_file_path command line options are not available anymore. + **[Incompatible]** The --experimental_cc_shared_library_debug command line flag is not available anymore. + **[Incompatible]** testing.analysis_test is not experimental anymore + **[Incompatible]** The (no-op) --android_include_proguard_location_references flag is not available anymore. + **[Incompatible]** The --experimental_android_local_test_binary_resources command line option is not available anymore. + **[Incompatible]** The --experimental_includes_attribute_subpackage_traversal command line option is not available anymore. + **[Incompatible]** The --debug_print_action_contexts command line option is not available anymore. + **[Incompatible]** The --experimental_skyframe_include_scanning command line option is not available anymore. + **[Incompatible]** The --experimental_supports_info_crosstool_configuration command line option is not available anymore. + **[Incompatible]** THe --incompatible_avoid_conflict_dlls command line option is not available anymore. + **[Incompatible]** The --experimental_prioritize_local_actions command line option is not available anymore. + **[Incompatible]** The following command line options are not supported anymore: --incompatible_disable_cc_configuration_make_variables, --incompatible_disable_cc_toolchain_label_from_crosstool_proto, --incompatible_disable_crosstool_file, --incompatible_disable_depset_in_cc_user_flags, --incompatible_disable_legacy_cpp_toolchain_skylark_api, --incompatible_disable_legacy_cpp_toolchain_skylark_api, incompatible_disable_legacy_flags_cc_toolchain_api, --incompatible_disable_managed_directories, --incompatible_disable_runtimes_filegroups, --incompatible_disable_sysroot_from_configuration, --incompatible_disable_tools_defaults_package, --incompatible_disallow_legacy_javainfo, --incompatible_dont_emit_static_libgcc, --incompatible_enable_legacy_cpp_toolchain_skylark_api, --incompatible_linkopts_in_user_link_flags, --incompatible_provide_cc_toolchain_info_from_cc_toolchain_suite, --incompatible_require_feature_configuration_for_pic . + **[Incompatible]** The --experimental_execution_graph_log_cached and --experimental_execution_graph_log_missed command line options are not available anymore. + **[Incompatible]** The --experimental_use_sh_binary_stub_script command line option is not available anymore. + **[Incompatible]** The --incompatible_disable_expand_if_all_available_in_flag_set command line option is not available anymore. + default_applicable_licenses in package() now applies to the entire BUILD file, regardless of where in the BUILD that package() is called. + **[Incompatible]** The --incompatible_load_cc_rules_from_bzl command line option is not available anymore. + **[Incompatible]** The --incompatible_display_source_file_location command line option is not available anymore. + **[Incompatible]** The --experimental_repository_hash_file and --experimental_verify_repository_rules command line options are not available anymore. + **[Incompatible]** The following previously no-op command line options are not available anymore: --legacy_spawn_scheduler, --use_workers_with_dexbuilder, --print_workspace_in_output_paths_if_needed, --watchos_simulator_version, --watchos_simulator_device, --tvos_simulator_version, --tvos_simulator_device. + **[Incompatible]** The --show_warnings command line option of the command "canonicalize-flags" is not available anymore. + **[Incompatible]** The command line option --remove_all_convenience_symlinks is not available anymore. + **[Incompatible]** java_test doesn't produce deploy jars anymore + **[Incompatible]** The lazy template expansion is not experimental anymore (--experimental_lazy_template_expansion command line option is not available anymore). + **[Incompatible]** The --incompatible_disallow_legacy_javainfo command line option is not available anymore. + **[Incompatible]** The --incompatible_remove_cpu_and_compiler_attributes_from_cc_toolchain command line option is not available anymore. Using the "cpu" and "compiler" options of the cc_toolchain rule now results in a slightly different error that is signaled earlier. + **[Incompatible]** THe --incompatible_force_strict_header_check_from_starlark command line option is not available anymore. + **[Incompatible]** --incompatible_visibility_private_attributes_at_definition is flipped to true. See #19330 for details. + **[Incompatible]** The --experimental_java_proto_library_default_has_services command line option and the Starlark symbol java_common.experimental_java_proto_library_default_has_services function are not available anymore. + **[Incompatible]** The no-op --experimental_cpp_compile_argv_ignore_param_file command line option is not available anymore. + Make variable expansion of `objc_library` produces better error messages. + **[Incompatible]** rule function takes only implementation function positionally, other parameters have to be named + **[Incompatible]** The --incompatible_genquery_use_graphless_query command line options is not available anymore. + Added support for a new directive `use_repo_rule` in MODULE.bazel files, which allows you to conveniently declare repos that are only visible within your module. + Bazel now throws an error if the root module specifies overrides on nonexistent modules. + Fix includes attribute of `objc_library` when sibling repository layout is used. + Directories used by sandboxed non-worker execution may be reused to avoid unnecessary setup costs. Disable behavior with --noreuse_sandbox_directories. + **[Incompatible]** The sandboxfs sandboxing strategy is removed. It hadn't been maintained for a long time, it didn't work for most users and it was not consistently faster while being complex to set up. sandboxfs performance is heavily dependent on the specific setup (setup costs are lower, but you have to pay a penalty for the use of each input) and there are scenarios where it is faster and scenarios where it is slower. Overall it is not worth its weight. + Symlink trees created by sandboxing will be deleted asynchronously. Disable behavior with --experimental_sandbox_async_tree_delete_idle_threads=0. + **[Incompatible]** Bzlmod is enabled by default, please consider migrating your external dependencies from WORKSPACE to MODULE.bazel. Find more details at #18958 + Enable Platforms and Toolchains for Android. Android projects will need to stop passing the legacy flag `--fat_apk_cpu`, and instead use `--android_platforms` using platforms defined with the `@platforms//os:android` constraint. The https://github.com/bazelbuild/rules_android repository defines four standard Android platforms for projects that use those rules, `@rules_android//:armeabi-v7a`, `@rules_android//:arm64-v8a`, `@rules_android//:x86`, `@rules_android//:x86_64`. + **[Incompatible]** Java runtime toolchains created via `local_java_repository` from `@bazel_tools//tools/jdk:local_java_repository.bzl`, which includes `local_jdk`, now have `target_compatible_with` set to the auto-detected host constraints. This can result in errors about toolchain resolution failures for `@bazel_tools//tools/jdk:runtime_toolchain_type`, especially when cross-compiling. These failures can be fixed in the following ways (listed in decreasing order of preference): * Replace `java_binary` targets that aren't meant to be run with `bazel run` or as tools during the build with `java_single_jar` (available in `@rules_java//java:java_single_jar.bzl`). Such targets do not require a Java runtime for the target configuration. * Set `--java_runtime_version=remotejdk_N` for some Java version `N` to let Bazel choose and download an appropriate remote JDK for the current target platform. This setting defaults to `local_jdk`, which means that Bazel can only use the local JDK, which isn't compatible with any other platform. * Manually define and register a `local_java_runtime` with no value set for `exec_compatible_with` (defaults to `[]`) and select it by setting `--java_runtime_version` to its `name`. This fully restores the previous behavior, but can result in incorrect results when cross-compiling (see #18265). Closes #18262. Commit f79ca02 + none Commit 7d87996 + None Commit 0a1dce2 + **[Incompatible]** The attribute `new_local_repository.build_file` no longer accepts a path; a label must be passed instead. Closes #19992. Commit 76d71d9 + **[Incompatible]** Delete the --experimental_execution_log_file flag. Use --execution_log_binary_file in conjunction with --noexecution_log_sort instead. + **[Incompatible]** transition is removed from objc_library (#19688) (cherry picked from commit b4292d2) Co-authored-by: Googler <ilist@google.com> + **[Incompatible]** All labels in Bazel error messages, log output, Build Event Protocol, etc. are now prefixed with double-at (`@@`) instead of single-at (`@`) where applicable, to properly denote that they contain canonical repo names. + None. Commit 491284b + **[Incompatible]** `--incompatible_sandbox_hermetic_tmp` is enabled by default. See #19915 for migration advice. Closes #19943. Commit e2c0276 + **[Incompatible]** The `--experimental_repository_cache_urls_as_default_canonical_id` flag is no longer available. Instead, the `http_archive`, `http_file`, `http_jar`, `jvm_maven_import_external`, and `jvm_import_external` repository rules now use the URLs as the canonical ID if none is provided explicitly. If this behavior is not desired, it can be disabled via `--repo_env=BAZEL_HTTP_RULES_URLS_AS_DEFAULT_CANONICAL_ID=0`. Fixes #19749 Closes #20047. + None Commit 65f847a + None Commit 9bbc2cb + none Fixes #19920 Commit 886b13f + **[Incompatible]** The `BAZEL_CURRENT_REPOSITORY` preprocessor variable, which holds the canonical name of the Bazel repository containing a `cc_*` target, is now only set during compilation if the target depends on the C/C++ runfiles library `@bazel_tools//tools/cpp/runfiles` via `deps` or `implementation_deps`. Fixes #20371 Closes #20388. Commit 454b550 + `--zip_undeclared_test_outputs` now preserves symlinks when zipping `$TEST_UNDECLARED_OUTPUTS_DIR`. Closes #19948. Change-Id: Ia4a8a9699e4e2f40498342af55babc5554a9ac93 Commit 8e639df + **[Incompatible]** Toolchains and execution platforms are now registered in the following order with `--enable_bzlmod`: 1. root module's module file 2. `WORKSPACE` or `WORKSPACE.bzlmod` 3. non-root modules' module files 4. default toolchains registered by Bazel (does not apply with `WORKSPACE.bzlmod` or execution platforms) Fixes #20354 Closes #20407. Commit 96b3612#diff-a8d3aed419e661d4dbecb2dc6668444212d7b1707ff61330b7d8aae61e75d4df Acknowledgements: This release contains contributions from many people at Google, as well as Adam Lavin, Adrian Imboden, Alan Falloon, Alessandro Patti, Alex Eagle, Alexander Grund, AlexTereshenkov, Amanda L Martin, Amet Umerov, Andreas Herrmann, Andy Hamon, andyrinne12, Ankit Agarwal, Ankush Goyal, Anshuman Mishra, Anthony Ter-Saakov, Antoine Musso, Artem Zinnatullin, arun.sampathkumar, aryeh, Austin Schuh, bazel.build machine account, Ben Lee, Benjamin Lee, Benjamin Peterson, Benjamin Sigonneau, Boleyn Su, Brentley Jones, Cameron Martin, Chirag Ramani, Chris Sauer, Christopher Peterson Sauer, Christopher Rydell, Christopher Sauer, Conall O'Brien, Daniel Grunwald, Daniel KT, Daniel Wagner-Hall, David Ostrovsky, dhmemi, Dimi Shahbaz, eareilg, Ed Schouten, Emil Kattainen, Ezekiel Warren, Fabian Meumertzheim, Fahrzin Hemmati, Gaspare Vitta, George Gensure, Greg, Greg Magolan, Grzegorz Lukasik, Guillaume Maudoux, Gunnar Wagenknecht, Halil Sener, Hao Yuan, hvadehra, hvd, Ilan Keshet, Ivan Golub, Jack Dai, James Ma, Jason Mobarak, Jasper, Jay Conrod, Jeff Hodges, Jeremy Volkman, Jimm chja20, Joel Jeske, John Hinnegan, Jon Landis, Jon Parise, jonrose-dev, Joseph Lisee, Joseph Tilahun, Julio Merino, Kai Zhang, keertk, Keith Smiley, Konstantin Erman, Krzysztof Naglik, kshyanashree, Kun-Lu, Laurenz Altenmller, Lee Mracek, Letu Ren, lripoche, Maksim, Malte Poll, Marc Redemske, Marc Zych, Matt Mackay, Matt Vollmer, Mauricio G, Mauricio Galindo, Maxim Matyunin, Maxwell Elliott, mohamadk, Nathan (Blaise) Bruer, nathyong, NelsonLi0701, nglevin, Nicholas Junge, Nick Biryulin, Nick Korostelev, Oliver Lee, Orion Hodson, Oscar Garzon, Patrice Duroux, Patrick Balestra, Peter Lobsinger, Philipp Schrader, Rasrack, Red Daly, redwrasse, Robin Tweedie, robincaloudis, Roger Hu, Romain Chossart, Roman Salvador, Sagar Pathare, Saleem Abdulrasool, Sam Shadwell, Sara Adams, Sascha Moecker, Scott Minor, Severin Strobl, Shaygan Hooshyari, Siddhesh Bhupendra Kuakde, Simon Mavi Stewart, something_vague, Son Luong Ngoc, Steve Barrau, Stiopa Koltsov, stoozy, Sushain Cherivirala, Takeo Sawada, Taylor Barrella, tbaing, Ted Kaplan, Ted Logan, Thi Don, Thulio Ferraz Assis, Timothy Gu, Tom Cnops, Tyler Williams, Ulf Adams, Ulrik Falklof, Uri Baghin, Vertexwahn, Xavier Bonaventura, Xdng Yng, Xiangquan Xiao, Xùdōng Yáng, Yannic, Yannic Bonenberger, Yi Cheng, Yuval Kaplan, yuzhy8701, Zheng Wei Tan.
chiragramani
pushed a commit
to uber-common/bazel
that referenced
this pull request
Dec 12, 2023
Baseline: d60ce2c Release Notes: + **[Incompatible]** This has the side effect of changing the message on unsuccessful builds from ``` FAILED: Build did NOT complete successfully (0 packages loaded) ``` to ``` ERROR: Build did NOT complete successfully ``` + The new path variable `$(rlocationpath ...)` and its plural form `$(rlocationpaths ...)` can be used to expand labels to the paths accepted by the `Rlocation` function of runfiles libraries. This is the preferred way to access data dependencies at runtime and works on all platforms, even when runfiles are not enabled (e.g., on Windows by default). + The `aquery` and `cquery` commands now respect the `--query_file` flag just like the `query` command. + **[Incompatible]** the --experimental_async_execution flag is now a no-op. + **[Incompatible]** --experimental_replay_action_out_err is not a no-op. + **[Incompatible]** `cquery --output=files` also outputs source files. + removed outdated ctx.host_fragments + **[Incompatible]** When multiple --deleted_packages options are passed on the command line, they will be concatenated instead of the latest one taking effect. + removed outdated ctx.host_configuration + **[Incompatible]** JSON profile: Use doubles instead of strings for counter series. + Now that the host configuration is finished, `genrule` should prefer the use of `tools` and stop using `exec_tools`. + **[Incompatible]** --experimental_build_transitive_python_runfiles is flipped to false. See bazelbuild#16303 for details + **[Incompatible]** --incompatible_python_disable_py2 is flipped to true. See bazelbuild#17293 for details. + Update Android manifest merger to v30.1.3, and also drop support for legacy (pre-D8) desugaring. + Correctly encode double value positive infinity as "inf" instead of "+inf" for textprotos. + **[Incompatible]** When remote cache evicts blobs, Bazel will exit with code 39. + Add --use_target_platform_for_tests which uses the target platform for executing tests instead of the execution platform. + **[Incompatible]** `--features` only applies to targets built in the target configuration, and `--host_features` is used for the host / exec configuration (gated behind `--incompatible_use_host_features`) + Custom C++ rules on Windows calling cc_common.create_linking_context_from_compilation_outputs should review whether each target of the rule type should produce a dynamic library since a condition which blocked their creation has been moved to the rules from behind the API. + Add flag `--experimental_remote_cache_ttl` and set the default value to 3 hours. + making --incompatible_use_platforms_repo_for_constraints do nothing. Using constraints from @bazel_tools//platforms with or without the flag will throw error with message "Constraints from @bazel_tools//platforms have been removed. Please use constraints from @platforms repository embedded in Bazel, or preferably declare dependency on https://github.com/bazelbuild/platforms" + **[Incompatible]** Bazel's local CPU resource on Linux is now container aware. Use `--local_cpu_resources`, `--loading_phase_threads` or `--jobs` to override. + Subsequent settings of --extra_execution_platforms now override previous settings, instead of adding them to a list. If you currently set --extra_execution_platforms more than once, please migrate by passing a list of values to --extra_execution_platforms instead so that earlier values aren't overwritten. + @bazel_tools//config:common_settings.bzl has been removed. Use @bazel_skylib//rules:common_settings.bzl instead. + **[Incompatible]** `copy_from_rule` is exec_groups is deprecated (bazelbuild#17668). + cc_shared_library is no longer experimental, see bazelbuild#16709 for details + **[Incompatible]** --legacy_bazel_java_test is now a no-op + The flag `--distinct_host_configuration` is removed. It has been a no-op since Bazel 6.0.0. + Add `--skip_incompatible_explicit_targets` option + **[Incompatible]** `--experimental_execution_graph_log` no longer exists. Current users that want local logs need to pass `--experimental_enable_execution_graph_log --experimental_execution_graph_log_path=/some/local/path`. Current users that want logs uploaded to BEP need to pass `--experimental_enable_execution_graph_log --experimental_stream_log_file_uploads`. + Remove 'darwin' as a CPU value, use 'darwin_x86_64' instead + **[Incompatible]** Remove 'darwin' as a CPU value, use 'darwin_x86_64' instead + cc_test can now be configured by using a native.toolchain(). + The location of rules that explicitly specify `generator_name` and/or `generator_function` attributes (typically because they are incidentally copied from `native.existing_rule()`) is now the top-level call in the `BUILD` file, which is consistent with rules that do not explicitly specify these attributes. + Warnings (most notably those associated with the `deprecation` rule attribute) are no longer replayed on subsequent invocations unless the target in question is re-analyzed. Warnings are purely informational, so this change has no bearing on the correctness of the build. Downstream tests that break due to this change should update their expectations. + `--experimental_remote_build_event_upload` has been renamed to `--remote_build_event_upload` + **[Incompatible]** Remove high priority workers functionality from blaze. + [Breaking change] platform, constraint_setting, and constraint_value can no longer take an applicable_licenses value. Remediation is to remove the attribute and rely on the package level default. + `--experimental_action_cache_store_output_metadata` has been renamed to `--action_cache_store_output_metadata` + Changed the default value for `--remote_build_event_upload` to `minimal`. + `--experimental_remote_cache_compression` has been renamed to `--remote_cache_compression` + Added a new `max_compatibility_level` attribute to the `bazel_dep` directive, which allows version selection to upgrade a dependency up to the specified compatibility level. + `--experimental_remote_grpc_log` has been renamed to `--remote_grpc_log` + `--incompatible_remote_build_event_upload_respect_no_cache` is now a no-op. + json.decode now takes an optional `default` positional parameter; if this parameter is specified and decoding fails, json.decode will return the `default` value instead of failing Starlark evaluation. + --experimental_repository_disable_download is now promoted to stable and is also available under the name --repository_disable_download . + `applicable_licenses` is no longer allowed on the `platform` rule. Additionally, `default_package_metadata` from any `package` rule will not be applied. + **[Incompatible]** Duplicates in <rule-inputs> when using `query --output=xml --aspect_deps=precise` are removed. Added flag `--proto:include_attribute_source_aspects` that will include a new field `source_aspect_name` to the `Attribute` message that indicates the source aspect that the attribute comes from. + Options specified on the pseudo-command `common` in `.rc` files are now ignored by commands that do not support them as long as they are valid options for *any* Bazel command. Previously, commands that did not support all options given for `common` would fail to run. These previous semantics of `common` are now available via the new `always` pseudo-command. + **[Incompatible]** `--incompatible_check_sharding_support` is enabled by default. Sharded tests with test runners that do not properly advertise support for test sharding will fail. Refer to bazelbuild#18339 for migration advice. + the 'default' param of json.decode can now be used as a keyword parameter. + As a transitional step in a larger refactoring, rule transitions are applied twice. Once during dependency resolution and once right before analysis of those rules. After the refactoring is complete, rule transitions will be applied only once. + Add aquery --output=streamed_proto which writes a stream of length delimited ActionGraphContainer containing a single Artifact, Action, Target, DepSetOfFiles, Configuration, AspectDescriptor, RuleClass, PathFragment proto. This breaks up the ActionGraphContainer into multiple which will prevent large protos from crashing blaze. + (BEP) TargetConfigured events will be marked aborted instead of published when there is an analysis error. This is motivated by a low level Blaze change aimed at improving scalability. + **[Incompatible]** cc_binary targets with dynamic_deps attributes no longer link indirect dynamic_deps on Unix. This might be an incompatible change if you are using RUNPATHs (instead of RPATHs) in your cc_shared_libraries. Enable the feature "exclude_bazel_rpaths_in_transitive_libs" or "use_rpath_instead_of_runpath" for those cc_shared_libraries. + Enable starlark_doc_extract - a native rule for Starlark documentation extraction. This rule is intended mainly for internal use by Stardoc. + **[Incompatible]** Remove deprecated and unused `--experimental_show_artifacts` flag. + Added the target path of an UnresolvedSymlink action to the aquery results + Additional source inputs can now be specified for compilation in cc_library targets using the additional_compiler_inputs attribute, and these inputs can be used in the $(location) function. + More descriptive error messages for unexpected cc absolute includes; unexpected absolute includes for cc compiles shouldn't be reported as "undeclared inclusion(s)" + Enable C++ branch coverage if gcov version is 8 or newer. + Deduplicates the result of split transitions uniformly, regardless of whether they are Starlark or native transitions. This used to apply only if either the attribute or rule transition contained a Starlark transition. + Support for optimizers rewriting baseline profiles. + This is a breaking change. `cc_host_toolchain_alias` rule is obsolete and can be interchangeably used with `cc_toolchain_alias` rule. + Fixes non-ascii arguments written to parameter files as mojibake. + NA + The `genrule` attribute `exec_tools` will be removed in a future Bazel release. Please follow directions at bazelbuild#19132 to migrate away from it. + **[Incompatible]** Removed multi_arch_split, use transition_support.apple_platform_split_transition from rules_apple instead. + Supports for android_binary.startup_profiles attribute. + **[Incompatible]** Removed apple_crosstool_transition, use transition_support.apple_rule_transition from rules_apple instead. + **[Incompatible]** Drop deprecated 'transitive_deps', 'transitive_runtime_deps' from JavaInfo + **[Incompatible]** The --android_include_proguard_location_references flag is not supported anymore. + **[Incompatible]** The --apple_compiler command line option is not available anymore. + `rule()` and `attr.*` can no longer be (pointlessly) called during WORKSPACE evaluation and repository rule evaluation. + Expands baseline profile wildcards before optimizer tools see them. + **[Incompatible]** --no_proguard_location_reference is now added unconditionally to the command line of aapt2. + **[Incompatible]** The command line flag --apple_enable_auto_dsym_dbg is not supported anymore. + **[Incompatible]** The --apple_compiler command line option is not available anymore. + **[Incompatible]** py_transitions top-level was removed. + Android resources will no longer propagate through neverlinked libraries by default. + Set Android Databinding to v2 and Databinging AndroidX to true and remove support for Databinding V1. + Added whether or not a FileWrite action's output is executable to the aquery results + --use_single_jar_apk_builder is removed. It's been a no-op for years. + **[Incompatible]** --incompatible_merge_fixed_and_default_shell_env is flipped to true. See bazelbuild#19317 for details. + JVM options in environment variables JAVA_TOOL_OPTIONS and JDK_JAVA_OPTIONS now do not get to the server; use --host_jvm_args instead. + --remote_download_minimal no longer implies --nobuild_runfile_links. + attr objects in Starlark now use value equality rather than reference equality. + **[Incompatible]** `cmd_helper` module was removed + **[Incompatible]** `ctx.new_file` was removed, `ctx.actions.declare_file` is to be used instead. + **[Incompatible]** Fails on unknown attributes (even when set to None). See bazelbuild#19403 + Change output paths to consistently start with [cpu]-[compilation_mode] along with other cleanups to output path generation logic. + Compilation actions using the auto-configured MSVC toolchain are forced to emit error messages in English if the English language pack for Visual Studio is installed. + **[Incompatible]** Flip incompatible_enable_cc_toolchain_resolution (bazelbuild#7260) + The new `--consistent_labels` option on `query`, `cquery`, and `aquery` can be used to force consistent label formatting across all output modes that is also compatible with `str(Label(...))` in Starlark. + **[Incompatible]** proto_compiler attribute removed from proto_lang_toolchain (it was recently introduced, and there is no evidence of use) + **[Incompatible]** --experimental_genquery_use_graphless_query is made to be a NO-OP. + **[Incompatible]** The --call_count_output_path command line option is not supported anymore. + **[Incompatible]** The no-op --dynamic_worker_strategy command line option is no available anymore. + **[Incompatible]** the --experimental_allow_top_level_aspects_parameters, --experimental_async_execution, --experimental_availability_info_exempt, --experimental_dynamic_execution_cpu_limited, --experimental_dynamic_skip_first_build, --experimental_keep_config_nodes_on_analysis_discard, --experimental_local_memory_estimate, --experimental_multi_cpu, --experimental_multi_threaded_digest, --experimental_replay_action_out_err and --experimental_shortened_obj_file_path command line options are not available anymore. + **[Incompatible]** The --experimental_cc_shared_library_debug command line flag is not available anymore. + **[Incompatible]** testing.analysis_test is not experimental anymore + **[Incompatible]** The (no-op) --android_include_proguard_location_references flag is not available anymore. + **[Incompatible]** The --experimental_android_local_test_binary_resources command line option is not available anymore. + **[Incompatible]** The --experimental_includes_attribute_subpackage_traversal command line option is not available anymore. + **[Incompatible]** The --debug_print_action_contexts command line option is not available anymore. + **[Incompatible]** The --experimental_skyframe_include_scanning command line option is not available anymore. + **[Incompatible]** The --experimental_supports_info_crosstool_configuration command line option is not available anymore. + **[Incompatible]** THe --incompatible_avoid_conflict_dlls command line option is not available anymore. + **[Incompatible]** The --experimental_prioritize_local_actions command line option is not available anymore. + **[Incompatible]** The following command line options are not supported anymore: --incompatible_disable_cc_configuration_make_variables, --incompatible_disable_cc_toolchain_label_from_crosstool_proto, --incompatible_disable_crosstool_file, --incompatible_disable_depset_in_cc_user_flags, --incompatible_disable_legacy_cpp_toolchain_skylark_api, --incompatible_disable_legacy_cpp_toolchain_skylark_api, incompatible_disable_legacy_flags_cc_toolchain_api, --incompatible_disable_managed_directories, --incompatible_disable_runtimes_filegroups, --incompatible_disable_sysroot_from_configuration, --incompatible_disable_tools_defaults_package, --incompatible_disallow_legacy_javainfo, --incompatible_dont_emit_static_libgcc, --incompatible_enable_legacy_cpp_toolchain_skylark_api, --incompatible_linkopts_in_user_link_flags, --incompatible_provide_cc_toolchain_info_from_cc_toolchain_suite, --incompatible_require_feature_configuration_for_pic . + **[Incompatible]** The --experimental_execution_graph_log_cached and --experimental_execution_graph_log_missed command line options are not available anymore. + **[Incompatible]** The --experimental_use_sh_binary_stub_script command line option is not available anymore. + **[Incompatible]** The --incompatible_disable_expand_if_all_available_in_flag_set command line option is not available anymore. + default_applicable_licenses in package() now applies to the entire BUILD file, regardless of where in the BUILD that package() is called. + **[Incompatible]** The --incompatible_load_cc_rules_from_bzl command line option is not available anymore. + **[Incompatible]** The --incompatible_display_source_file_location command line option is not available anymore. + **[Incompatible]** The --experimental_repository_hash_file and --experimental_verify_repository_rules command line options are not available anymore. + **[Incompatible]** The following previously no-op command line options are not available anymore: --legacy_spawn_scheduler, --use_workers_with_dexbuilder, --print_workspace_in_output_paths_if_needed, --watchos_simulator_version, --watchos_simulator_device, --tvos_simulator_version, --tvos_simulator_device. + **[Incompatible]** The --show_warnings command line option of the command "canonicalize-flags" is not available anymore. + **[Incompatible]** The command line option --remove_all_convenience_symlinks is not available anymore. + **[Incompatible]** java_test doesn't produce deploy jars anymore + **[Incompatible]** The lazy template expansion is not experimental anymore (--experimental_lazy_template_expansion command line option is not available anymore). + **[Incompatible]** The --incompatible_disallow_legacy_javainfo command line option is not available anymore. + **[Incompatible]** The --incompatible_remove_cpu_and_compiler_attributes_from_cc_toolchain command line option is not available anymore. Using the "cpu" and "compiler" options of the cc_toolchain rule now results in a slightly different error that is signaled earlier. + **[Incompatible]** THe --incompatible_force_strict_header_check_from_starlark command line option is not available anymore. + **[Incompatible]** --incompatible_visibility_private_attributes_at_definition is flipped to true. See bazelbuild#19330 for details. + **[Incompatible]** The --experimental_java_proto_library_default_has_services command line option and the Starlark symbol java_common.experimental_java_proto_library_default_has_services function are not available anymore. + **[Incompatible]** The no-op --experimental_cpp_compile_argv_ignore_param_file command line option is not available anymore. + Make variable expansion of `objc_library` produces better error messages. + **[Incompatible]** rule function takes only implementation function positionally, other parameters have to be named + **[Incompatible]** The --incompatible_genquery_use_graphless_query command line options is not available anymore. + Added support for a new directive `use_repo_rule` in MODULE.bazel files, which allows you to conveniently declare repos that are only visible within your module. + Bazel now throws an error if the root module specifies overrides on nonexistent modules. + Fix includes attribute of `objc_library` when sibling repository layout is used. + Directories used by sandboxed non-worker execution may be reused to avoid unnecessary setup costs. Disable behavior with --noreuse_sandbox_directories. + **[Incompatible]** The sandboxfs sandboxing strategy is removed. It hadn't been maintained for a long time, it didn't work for most users and it was not consistently faster while being complex to set up. sandboxfs performance is heavily dependent on the specific setup (setup costs are lower, but you have to pay a penalty for the use of each input) and there are scenarios where it is faster and scenarios where it is slower. Overall it is not worth its weight. + Symlink trees created by sandboxing will be deleted asynchronously. Disable behavior with --experimental_sandbox_async_tree_delete_idle_threads=0. + **[Incompatible]** Bzlmod is enabled by default, please consider migrating your external dependencies from WORKSPACE to MODULE.bazel. Find more details at bazelbuild#18958 + Enable Platforms and Toolchains for Android. Android projects will need to stop passing the legacy flag `--fat_apk_cpu`, and instead use `--android_platforms` using platforms defined with the `@platforms//os:android` constraint. The https://github.com/bazelbuild/rules_android repository defines four standard Android platforms for projects that use those rules, `@rules_android//:armeabi-v7a`, `@rules_android//:arm64-v8a`, `@rules_android//:x86`, `@rules_android//:x86_64`. + **[Incompatible]** Java runtime toolchains created via `local_java_repository` from `@bazel_tools//tools/jdk:local_java_repository.bzl`, which includes `local_jdk`, now have `target_compatible_with` set to the auto-detected host constraints. This can result in errors about toolchain resolution failures for `@bazel_tools//tools/jdk:runtime_toolchain_type`, especially when cross-compiling. These failures can be fixed in the following ways (listed in decreasing order of preference): * Replace `java_binary` targets that aren't meant to be run with `bazel run` or as tools during the build with `java_single_jar` (available in `@rules_java//java:java_single_jar.bzl`). Such targets do not require a Java runtime for the target configuration. * Set `--java_runtime_version=remotejdk_N` for some Java version `N` to let Bazel choose and download an appropriate remote JDK for the current target platform. This setting defaults to `local_jdk`, which means that Bazel can only use the local JDK, which isn't compatible with any other platform. * Manually define and register a `local_java_runtime` with no value set for `exec_compatible_with` (defaults to `[]`) and select it by setting `--java_runtime_version` to its `name`. This fully restores the previous behavior, but can result in incorrect results when cross-compiling (see bazelbuild#18265). Closes bazelbuild#18262. Commit bazelbuild@f79ca02 + none Commit bazelbuild@7d87996 + None Commit bazelbuild@0a1dce2 + **[Incompatible]** The attribute `new_local_repository.build_file` no longer accepts a path; a label must be passed instead. Closes bazelbuild#19992. Commit bazelbuild@76d71d9 + **[Incompatible]** Delete the --experimental_execution_log_file flag. Use --execution_log_binary_file in conjunction with --noexecution_log_sort instead. + **[Incompatible]** transition is removed from objc_library (bazelbuild#19688) (cherry picked from commit b4292d2) Co-authored-by: Googler <ilist@google.com> + **[Incompatible]** All labels in Bazel error messages, log output, Build Event Protocol, etc. are now prefixed with double-at (`@@`) instead of single-at (`@`) where applicable, to properly denote that they contain canonical repo names. + None. Commit bazelbuild@491284b + **[Incompatible]** `--incompatible_sandbox_hermetic_tmp` is enabled by default. See bazelbuild#19915 for migration advice. Closes bazelbuild#19943. Commit bazelbuild@e2c0276 + **[Incompatible]** The `--experimental_repository_cache_urls_as_default_canonical_id` flag is no longer available. Instead, the `http_archive`, `http_file`, `http_jar`, `jvm_maven_import_external`, and `jvm_import_external` repository rules now use the URLs as the canonical ID if none is provided explicitly. If this behavior is not desired, it can be disabled via `--repo_env=BAZEL_HTTP_RULES_URLS_AS_DEFAULT_CANONICAL_ID=0`. Fixes bazelbuild#19749 Closes bazelbuild#20047. + None Commit bazelbuild@65f847a + None Commit bazelbuild@9bbc2cb + none Fixes bazelbuild#19920 Commit bazelbuild@886b13f + **[Incompatible]** The `BAZEL_CURRENT_REPOSITORY` preprocessor variable, which holds the canonical name of the Bazel repository containing a `cc_*` target, is now only set during compilation if the target depends on the C/C++ runfiles library `@bazel_tools//tools/cpp/runfiles` via `deps` or `implementation_deps`. Fixes bazelbuild#20371 Closes bazelbuild#20388. Commit bazelbuild@454b550 + `--zip_undeclared_test_outputs` now preserves symlinks when zipping `$TEST_UNDECLARED_OUTPUTS_DIR`. Closes bazelbuild#19948. Change-Id: Ia4a8a9699e4e2f40498342af55babc5554a9ac93 Commit bazelbuild@8e639df + **[Incompatible]** Toolchains and execution platforms are now registered in the following order with `--enable_bzlmod`: 1. root module's module file 2. `WORKSPACE` or `WORKSPACE.bzlmod` 3. non-root modules' module files 4. default toolchains registered by Bazel (does not apply with `WORKSPACE.bzlmod` or execution platforms) Fixes bazelbuild#20354 Closes bazelbuild#20407. Commit bazelbuild@96b3612#diff-a8d3aed419e661d4dbecb2dc6668444212d7b1707ff61330b7d8aae61e75d4df Acknowledgements: This release contains contributions from many people at Google, as well as Adam Lavin, Adrian Imboden, Alan Falloon, Alessandro Patti, Alex Eagle, Alexander Grund, AlexTereshenkov, Amanda L Martin, Amet Umerov, Andreas Herrmann, Andy Hamon, andyrinne12, Ankit Agarwal, Ankush Goyal, Anshuman Mishra, Anthony Ter-Saakov, Antoine Musso, Artem Zinnatullin, arun.sampathkumar, aryeh, Austin Schuh, bazel.build machine account, Ben Lee, Benjamin Lee, Benjamin Peterson, Benjamin Sigonneau, Boleyn Su, Brentley Jones, Cameron Martin, Chirag Ramani, Chris Sauer, Christopher Peterson Sauer, Christopher Rydell, Christopher Sauer, Conall O'Brien, Daniel Grunwald, Daniel KT, Daniel Wagner-Hall, David Ostrovsky, dhmemi, Dimi Shahbaz, eareilg, Ed Schouten, Emil Kattainen, Ezekiel Warren, Fabian Meumertzheim, Fahrzin Hemmati, Gaspare Vitta, George Gensure, Greg, Greg Magolan, Grzegorz Lukasik, Guillaume Maudoux, Gunnar Wagenknecht, Halil Sener, Hao Yuan, hvadehra, hvd, Ilan Keshet, Ivan Golub, Jack Dai, James Ma, Jason Mobarak, Jasper, Jay Conrod, Jeff Hodges, Jeremy Volkman, Jimm chja20, Joel Jeske, John Hinnegan, Jon Landis, Jon Parise, jonrose-dev, Joseph Lisee, Joseph Tilahun, Julio Merino, Kai Zhang, keertk, Keith Smiley, Konstantin Erman, Krzysztof Naglik, kshyanashree, Kun-Lu, Laurenz Altenmller, Lee Mracek, Letu Ren, lripoche, Maksim, Malte Poll, Marc Redemske, Marc Zych, Matt Mackay, Matt Vollmer, Mauricio G, Mauricio Galindo, Maxim Matyunin, Maxwell Elliott, mohamadk, Nathan (Blaise) Bruer, nathyong, NelsonLi0701, nglevin, Nicholas Junge, Nick Biryulin, Nick Korostelev, Oliver Lee, Orion Hodson, Oscar Garzon, Patrice Duroux, Patrick Balestra, Peter Lobsinger, Philipp Schrader, Rasrack, Red Daly, redwrasse, Robin Tweedie, robincaloudis, Roger Hu, Romain Chossart, Roman Salvador, Sagar Pathare, Saleem Abdulrasool, Sam Shadwell, Sara Adams, Sascha Moecker, Scott Minor, Severin Strobl, Shaygan Hooshyari, Siddhesh Bhupendra Kuakde, Simon Mavi Stewart, something_vague, Son Luong Ngoc, Steve Barrau, Stiopa Koltsov, stoozy, Sushain Cherivirala, Takeo Sawada, Taylor Barrella, tbaing, Ted Kaplan, Ted Logan, Thi Don, Thulio Ferraz Assis, Timothy Gu, Tom Cnops, Tyler Williams, Ulf Adams, Ulrik Falklof, Uri Baghin, Vertexwahn, Xavier Bonaventura, Xdng Yng, Xiangquan Xiao, Xùdōng Yáng, Yannic, Yannic Bonenberger, Yi Cheng, Yuval Kaplan, yuzhy8701, Zheng Wei Tan.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #3236
Closes #19915
RELNOTES[INC]:
--incompatible_sandbox_hermetic_tmpis enabled by default. See #19915 for migration advice.