Draft
Conversation
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
7 times, most recently
from
cbff3db to
414a44c
Compare
This was referenced Jan 15, 2026
Closed
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
14 times, most recently
from
69fb810 to
14150aa
Compare
luispadron
changed the title
… to work with the new platform-based resolution that has been added to the shared Apple linker logic. Cherry-pick: 0654124
…s to a method are greater than one. Consolidate and reuse variables where they make sense. Cherry-pick: 2507186
…les themselves. Cherry-pick: f1ed76b
…rtial along with dead code that was present from use of the vestigial AppleDynamicFrameworkInfo fields. Cherry-pick: 28d227a
…puts and the anticipated base name via use of "fragment_support" and "outputs", shared through compilation_support and linking_support. This will be used to reference the unstripped binary that is found in the generated dSYM bundles. Cherry-pick: c19c91b
…hrough strings and plists safely. Cherry-pick: 9eb4232
…l native flag is replaced by or re-routed to the Starlark build config equivalent. Cherry-pick: f7e5aa8
…amic libraries as resources via "data" and "resources" attributes on rules. Cherry-pick: 41d1d10
The dossier signing script signs embedded frameworks and dylibs in the "Frameworks" folder when found. Frameworks themselves do not define entitlements and the optional "provisioning_profile" attribute was only done way back when as a means of "pre-signing" frameworks for app bundles without dossiers. Cherry-pick: d8ecc9b
…gged behind "enable_wip_features", with TODOs to explain implementation to come. As a prerequisite to that work, added support for entitlements to macos_dylib and macos_command_line_application. Cherry-pick: f34a7b8
This doesn't have the arm64e bits set yet, and the test for the entitlements is currently limited to just the keys necessary to ship these features in Xcode 26. Cherry-pick: e5af9f8
…h for static library archives. Cherry-pick: 658c95e
…ity aren't being disabled when they're declared as enabled on the top level rule. Automated testing is limited to what we're able to catch with Starlark analysis tests, i.e. the cases where we fail through the transition can't be effectively modelled in that type of test without bringing down the entire test suite Cherry-pick: d594354
…not established on top level targets (i.e. not frameworks). Currently behind the enable_wip_features flag. This required standardizing on fewer transitions and removing arguments that hadn't advanced enough, as well as propagating through enable_wip_features to avoid dropping the arm64e architecture until clients of the rules are ready to adopt secure_features for Xcode 26. Cherry-pick: b526fc8
…ndled in an iOS app. Cherry-pick: 7160dea
- Add initial support for secure_features on SDK artifacts; validation will follow in subsequent CLs. - Suppress applying the "pointer_authentication" feature to Apple builds that aren't specifically requesting the arm64e architecture. All splits off of "deps" besides the arm64e ones will have the feature removed if it is set. - Add a separate starlark build config to handle the act of dropping arm64e architectures when "pointer_authentication" isn't requested, allowing for onboarding of users that are using arm64e without "pointer_authentication". Cherry-pick: 917dc39
… arm64e support and disabled features. Cherry-pick: 4012850
…ll array of tests to verify that it's taking effect when the starlark build config to drop arm64e slices is active. Cherry-pick: 83c9cd9
…rules to declare the secure features that these precompiled artifacts were built with. Cherry-pick: 07eaefb
…Xcode 26+, and rename the mandatory feature to set the minimum required Apple Enhanced Security entitlements to be more significant to end users. Re-scoped existing TODOs around Apple Enhanced Secuirty support to new issues for tracking. Cherry-pick: 8134b6a
…point of origin, focusing on the supporting resources and code signing at this time before untangling linking itself. Cherry-pick: f5297a1
… with the shared Apple linking logic. Cherry-pick: f608a7b
…IDATE_WITH_PROFILE` Cherry-pick: 5936a6b
… the docs a bit to clarify the exact scope of what the relevant helper in entitlements_support.bzl does. Cherry-pick: 7866ee3
…pare values between entitlements xml and the assigned provisioning profile. This only covers the simple case (exact match) and not the more complex cases that have special handling today in plisttool.py. These could also be pulled out as analysis time configurable options, with different arguments or additional arguments to tweak specific behavior. Cherry-pick: e9f9f61
…itional accomodations, and allow for resetting the list of `extra_keys_to_match_profile` with an empty list. Cherry-pick: 9899cc4
…t for Swift support libraries, from the XCFramework rules. These have been determined to be unnecessary as SDK artifacts. Cherry-pick: efd9c38
… - subset for lists - at analysis time. Other entitlement validation modes to handle trickier relations, such as entitlements that must always be defined for a given provisioning profile, and variations on wildcard handling, will be addressed in subsequent changes. Cherry-pick: 7c9b36d
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
from
14150aa to
8ff1cc1
Compare
The bazel_features field objc_fragment_has_builtin_objc_strip_action doesn't exist in released versions. Use hasattr on the fragment directly.
This was referenced Apr 2, 2026
luispadron
added a commit
that referenced
this pull request
Apr 2, 2026
Cherry-picks from the `upstream` branch - batch 1 of a larger sync effort (see #2861 for full context). ## Commits - Add platform attributes to the deprecated `apple_binary`, allowing it to work with platform-based resolution (upstream: 0654124) - Refactor linking logic to use named args and consolidate variables in `compilation_support.bzl` and `linking_support.bzl` (upstream: 2507186) No manual fixes or conflict resolution needed - clean cherry-picks. --------- Co-authored-by: Nicholas Levin <nglevin@google.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Brings in commits from the
upstreambranch