Restrict Starlark to only interact with Starlark types #7281
Comments
Prior to this change, attr.license() is already deprecated and subject to removal via --incompatible_no_attr_license. However, until this flag is fully flipped, the value of license attributes needs to be well defined. This change makes it so while providing nothing more than an opaque type. Progress toward #7281. RELNOTES: None. PiperOrigin-RevId: 232535266
|
Do you know how much work it is? |
|
The work is migrating all remaining uses of Next step here is to deal with the implicit rule attribute "distrib", which has no Starlark type, but is assignable in Starlark. |
These types are not Starlark-compatible, and, due to an existing bug, these are propagated anyway for native rule targets which include them as implicit attributes. Without this change, one may assign to these types in Starlark but later get a catastrophic error when an object of these types is passed to another function, such as dir(). Progress toward #7281. RELNOTES: None. PiperOrigin-RevId: 243336671
|
Update: The work remaining here is to remove SkylarkSignature from PackageFactory, which is a tricky refactoring. To kill off this SkylarkSignature annotation from Bazel entirely (which would be a great refactoring win), we also need to swap out SkylarkSignature usages in Runtime for another annotation which is no-op except for providing documentation for docgen. (Useful for documenting top-level primitives such as |
|
Downgrading from P1 and sending to be re-triaged. |
laurentlb
added
P2
|
I believe this work is mostly done in the interpreter refactoring. |
Over the past year or so a number of bugs have arisen from Starlark functions/methods/struct fields returning natives types that are not proper Starlark types.
One concrete example: specifying a license attr (using
attr.license()) on a rule and then, from the rule context, callingctx.attr.license, gets you an object which is not exposed to Starlark.Trying to print this object prints
<unknown object com.google.devtools.build.lib.packages.License>Starlark needs to crack down on this -- we should throw a catastrophic exception whenever any expression evaluates to a non-Starlark type. Fixing these adhoc only gets us so far, as this sort of bug keeps reappearing.
For motivation as a P1, this particular license bug required me to rollback some progress on #5010.
@SkylarkCallable-annotated methods do have return-type validation, and verify that methods return appropriate Starlark types. Butstruct()does not -- so the following (simplified) user code resulted in a catastrophic error when we migratedgetattrto appropriate validation:as
getattrwould try to return an invalid type.For license itself, we will need to make a call on whether
ctx.attr.licenseshould return nothing or an opaque-but-valid Starlark object.The text was updated successfully, but these errors were encountered: