BuildXL
Bazel
BuildXL | Bazel | |
---|---|---|
2 | 136 | |
890 | 22,315 | |
1.1% | 0.5% | |
0.0 | 10.0 | |
4 days ago | 5 days ago | |
C# | Java | |
MIT License | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
BuildXL
-
We built the fastest CI in the world. It failed
Seems they came up with a way to scale up build toolchains with BuildXL[0]
Doesn't seem fully baked yet though
[0]: https://github.com/microsoft/BuildXL
-
Using Landlock to Sandbox GNU Make
> With regards to chroot, I stand corrected. I knew it was a tree of symlinks, but I thought it was also more than that because symlinks alone don't seem like a sandbox. Honestly, Cosmopolitan's system appears to be more of a sandbox than that.
To be totally clear: the tree of symlinks thing is a fallback, used only when lacking platform support or when sandboxing is explicitly turned off [0]. On Linux, the normal sandboxing strategy is to use namespaces, like most container runtimes. On Mac it apparently uses sandbox-exec (some opaque Apple tool), as was mentioned above. Chroot, being both non-POSIX, requiring root access on many systems, and not providing the necessary facilities is not really a great fit -- which I assume is why it's not used.
There was experimental Windows sandbox support at one point [1] based on how MS does it for BuildXL (their own build tool for giant monorepos) [2]. Unfortunately it doesn't seem to be maintained, and under the hood it's kinda ugly -- it actively rewrites code in-memory to intercept calls to the Win32 APIs [3], which was apparently the cleanest/best way MS could come up with. However, from Bazel's POV it works in a roughly similar way -- you spawn subprocesses under a supervisor, which is in charge of spinning up whatever the target process is with restrictions on time/memory usage/file access.
On the "sandbox in the interpreter" thing: what kind of checks are you envisioning? It seems like putting checks at that level would end up leaving a lot out -- the goal of any build system is to eventually spawn an arbitrary process (Python, gcc, javac, some shell script, etc.) and so even with extensive checks in starlark you'd end up with accidental sandbox breaks all over the place. For pure starlark rules you could e.g. check that there are no inputs from /usr, but even then if gcc does it implicitly, you're SOL. Or am I thinking of the wrong kind of checks?
[0] https://bazel.build/docs/sandboxing#sandboxing-strategies
[1] https://github.com/bazelbuild/bazel/issues/5136#issuecomment...
[2] https://github.com/microsoft/BuildXL/blob/master/Documentati...
[3] https://github.com/microsoft/Detours/wiki
Bazel
-
Hello World
Wow, if you curl it, there's a lot of boilerplate code there.
Maybe built using Bazel?
https://bazel.build
-
Things I learned while building projects with NX
Bazel by Google
-
Show HN: Flox 1.0 – Open-source dev env as code with Nix
Luckily a feature to limit the disk cache size is in development: https://github.com/bazelbuild/bazel/issues/5139
-
How to write unit tests in C++ relying on non-code files?
This is a problem that Bazel (https://bazel.build) solves in a very convenient way. You can just keep using the paths relative to the repository root, and as long as you properly declare your test needs that file it will access it without problems. Or you can use the runfile libraries to access them too.
-
blade-build VS Bazel - a user suggested alternative
2 projects | 28 Jan 2024
- Bazel 7.0 LTS
-
My first Software Release using GitHub Release
When doing research for this lab exercise I looked at both vcpkg and conan. Both are package managers that would automate the installation and configuration of my program with its dependencies. However, when it came to releasing and sharing my program my options were limited. For example, the central public registry for conan packages is conan-center, but these packages are curated and the process is very involved. There was no way conan-center would accept a class project like mine. Alternatively, I could host a conan package on a public Artifactory repository, but accessing the package requires users to add the repository to their conan remote. This already sounded like too many steps to expect regular users to follow - I already haven't setup any conan remotes, there's no way I could expect regular users to know about conan remotes, let alone have conan installed on their system. After discussing with people online and consulting my instructor, I ultimately decided to do a GitHub release. However, in the future I was encouraged to look into using CMake or bazel.
-
Declarative Gradle is a cool thing I am afraid of: Maven strikes back
NOTE: I won’t mention SBT and Leiningen here because, with all due respect, they are niche build tools. I also won’t discuss Kobalt for the same reason (besides, it’s no longer actively maintained). Additionally, I won’t touch upon Bazel and Buck in this context, mainly because I’m not very familiar with them. If you have insights or comments about these tools, please feel free to share them in the comments 👇
- Bazel
-
A Modern C Development Environment
> None of this solves C's only REAL problem (in my opinion) which is the lack of dependency management.
Bazel solves this really nicely, I know some people have strong opinions on it but I cannot recommend it enough
https://bazel.build/
What are some alternatives?
Microsoft Research Detours Package - Detours is a software package for monitoring and instrumenting API calls on Windows. It is distributed in source code form.
Buck - A fast build system that encourages the creation of small, reusable modules over a variety of platforms and languages.
wireit - Wireit upgrades your npm/pnpm/yarn scripts to make them smarter and more efficient.
nx - Smart Monorepos · Fast CI
Concourse - Concourse is a container-based continuous thing-doer written in Go.
meson - The Meson Build System
make-audit - Easy-to-use tool for auditing Makefiles for errors
Gradle - Adaptable, fast automation for all
act - Run your GitHub Actions locally 🚀
ninja - a small build system with a focus on speed
pmaudit - "Poor Man's Audit" (lightweight build-auditing script)
turborepo - Incremental bundler and build system optimized for JavaScript and TypeScript, written in Rust – including Turborepo and Turbopack. [Moved to: https://github.com/vercel/turbo]