Skip to content

Instantly share code, notes, and snippets.

Created Aug 25, 2019
What would you like to do?

GSoC Work Product Submission

Describe my work briefly

Bazel on Linux already supports various ways to run actions in a sandbox (linux-sandbox, processwrapper-sandbox). We want to support sandboxing on Windows by reusing parts from BuildXL (Microsoft Build Accelerator).

Goal of sandboxing

The main motivation to have sandboxing on Windows is to safeguard actions from accidentally using undeclared inputs as this will affect build correctness. This has been a source of issues that causes Windows build to behave differently from Linux and Mac build.

Example of inadvertent file access: GH#5640.

Final GSoC Status

Sandbox on Windows (BazelSandbox version 0.5) works with Bazel 0.29 onwards. It can sandbox most Bazel builds, but there is still room for improvement in terms of performance and binary size reduction (see unfinished work for more details).

Detailed GSoC Log

Github commits


Unfinished work

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment