Draft
Conversation
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
7 times, most recently
from
cbff3db to
414a44c
Compare
This was referenced Jan 15, 2026
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
11 times, most recently
from
9cf6eb5 to
181c722
Compare
Starts with: 6282e27
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
from
181c722 to
e22fd7f
Compare
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
from
e22fd7f to
69fb810
Compare
This hasn't been used by the Apple rules for some time. Cherry-pick: 6c4a5dc
…dlib-tool`. Some Swift `Span` APIs back-deploy before 26.0, so 26.0 is now the new minimum to ensure that `libswiftCompatibilitySpan.dylib` is included in bundles that target older OSes. Cherry-pick: e8a44d2
…hrough strings and plists safely. Cherry-pick: 9eb4232
…l native flag is replaced by or re-routed to the Starlark build config equivalent. Cherry-pick: f7e5aa8
…ation_support` Cherry-pick: 4b43d5d
…amic libraries as resources via "data" and "resources" attributes on rules. Cherry-pick: 41d1d10
The dossier signing script signs embedded frameworks and dylibs in the "Frameworks" folder when found. Frameworks themselves do not define entitlements and the optional "provisioning_profile" attribute was only done way back when as a means of "pre-signing" frameworks for app bundles without dossiers. Cherry-pick: d8ecc9b
…gged behind "enable_wip_features", with TODOs to explain implementation to come. As a prerequisite to that work, added support for entitlements to macos_dylib and macos_command_line_application. Cherry-pick: f34a7b8
This doesn't have the arm64e bits set yet, and the test for the entitlements is currently limited to just the keys necessary to ship these features in Xcode 26. Cherry-pick: e5af9f8
…h for static library archives. Cherry-pick: 658c95e
…ity aren't being disabled when they're declared as enabled on the top level rule. Automated testing is limited to what we're able to catch with Starlark analysis tests, i.e. the cases where we fail through the transition can't be effectively modelled in that type of test without bringing down the entire test suite Cherry-pick: d594354
…not established on top level targets (i.e. not frameworks). Currently behind the enable_wip_features flag. This required standardizing on fewer transitions and removing arguments that hadn't advanced enough, as well as propagating through enable_wip_features to avoid dropping the arm64e architecture until clients of the rules are ready to adopt secure_features for Xcode 26. Cherry-pick: b526fc8
…ndled in an iOS app. Cherry-pick: 7160dea
- Add initial support for secure_features on SDK artifacts; validation will follow in subsequent CLs. - Suppress applying the "pointer_authentication" feature to Apple builds that aren't specifically requesting the arm64e architecture. All splits off of "deps" besides the arm64e ones will have the feature removed if it is set. - Add a separate starlark build config to handle the act of dropping arm64e architectures when "pointer_authentication" isn't requested, allowing for onboarding of users that are using arm64e without "pointer_authentication". Cherry-pick: 917dc39
… arm64e support and disabled features. Cherry-pick: 4012850
…ll array of tests to verify that it's taking effect when the starlark build config to drop arm64e slices is active. Cherry-pick: 83c9cd9
…rules to declare the secure features that these precompiled artifacts were built with. Cherry-pick: 07eaefb
…Xcode 26+, and rename the mandatory feature to set the minimum required Apple Enhanced Security entitlements to be more significant to end users. Re-scoped existing TODOs around Apple Enhanced Secuirty support to new issues for tracking. Cherry-pick: 8134b6a
…point of origin, focusing on the supporting resources and code signing at this time before untangling linking itself. Cherry-pick: f5297a1
… with the shared Apple linking logic. Cherry-pick: f608a7b
…IDATE_WITH_PROFILE` Cherry-pick: 5936a6b
… the docs a bit to clarify the exact scope of what the relevant helper in entitlements_support.bzl does. Cherry-pick: 7866ee3
…pare values between entitlements xml and the assigned provisioning profile. This only covers the simple case (exact match) and not the more complex cases that have special handling today in plisttool.py. These could also be pulled out as analysis time configurable options, with different arguments or additional arguments to tweak specific behavior. Cherry-pick: e9f9f61
…itional accomodations, and allow for resetting the list of `extra_keys_to_match_profile` with an empty list. Cherry-pick: 9899cc4
…t for Swift support libraries, from the XCFramework rules. These have been determined to be unnecessary as SDK artifacts. Cherry-pick: efd9c38
… - subset for lists - at analysis time. Other entitlement validation modes to handle trickier relations, such as entitlements that must always be defined for a given provisioning profile, and variations on wildcard handling, will be addressed in subsequent changes. Cherry-pick: 7c9b36d
luispadron
force-pushed
the
luis/cherry-pick-batch
branch
from
69fb810 to
14150aa
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.