Blog

This post describes how to implement the OpenSSF Compiler Options Hardening Guide for C and C++ in CMake.

After trying out the Movable<TResource> type from Move Semantics for IDisposable I discovered a fatal flaw in its implementation: it is incompatible with struct memberwise copy semantics.

See also Move Semantics for IDisposable Part 2

C++ 11 introduced the concept of move semantics to model transfer of ownership. Rust includes transfer of ownership as a key component of its type system. C# could benefit from something similar for IDisposable types. This blog post explores some options on how to handle this.

Downloading a private release asset from GitHub given only its name and tag requires a complicated series of interactions with the GitHub API. This blog post explains how to write two repository rules which make dealing with private release assets in Bazel easy.

A quick tip on how to execute multiple run commands in parallel.

This blog post explains how to use a custom C++ toolchain based on clang 12 with libc++-12 in Bazel on Ubuntu 20.04.

Bazel supports scaling out builds with a remote execution system. Unfortunately, it is very easy for ruleset authors to release rules that work when executed locally but do not work when executed remotely. This blog post explains ruleset authors can set up a simple remote execution system to verify that their rulesets work correctly.

In Bazel, stamping is the process of embedding additional information into built binaries, such as the source control revision or other workspace-related information. Rules that support stamping typically include an integer stamp attribute, where 1 means “always stamp”, 0 means “never stamp”, and -1 means “use the Bazel build --stamp flag. This blog post explains how to write a rule that supports these values.

Many Bazel attributes support the use of predefined variables and functions such as @D for output directory or $(location //foo:bar) to get the path to a label. But what if you want to apply some sort of tranformation to these variables, or define your own custom make variables? This blog post explains how.

Bazel developers are currently working on adding the ability to retrieve secrets using a credential-helper executable, similar to how other tools like Docker and Git handle managing secrets. Until then, the recommended approach is to store secrets in ~/.netrc. This blog post explains how to write a custom Bazel rule which reads secrets from ~/.netrc.