Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Force sun.jnu.encoding to be UTF-8 in images #514

Merged
merged 1 commit into from
Dec 4, 2024
Merged

fix: Force sun.jnu.encoding to be UTF-8 in images #514

merged 1 commit into from
Dec 4, 2024

Conversation

fmeum
Copy link
Collaborator

@fmeum fmeum commented Dec 4, 2024

Images pick up sun.jnu.encoding from the host build environment, which thus needs to be UTF-8 to be able to access paths with non-ASCII characters in them on Linux. Since Bazel does not inherit LC_CTYPE from the host, the JVM would otherwise default to an ASCII locale.

@fmeum fmeum requested a review from sgammon as a code owner December 4, 2024 17:00
@github-actions GitHub Actions
Copy link

github-actions bot commented Dec 4, 2024
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 11 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: The number of snapshots compared for the base SHA (0) and the head SHA (1) do not match. You may see unexpected additions in the diff.
Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

License Issues

pom.xml

PackageVersionLicenseIssue Type
org.graalvm.compiler:compiler24.1.0NullUnknown License
org.graalvm.nativeimage:native-image-base24.1.0NullUnknown License
org.graalvm.nativeimage:objectfile24.1.0NullUnknown License
org.graalvm.nativeimage:pointsto24.1.0NullUnknown License
org.graalvm.nativeimage:svm24.1.0NullUnknown License
org.graalvm.polyglot:polyglot24.1.0NullUnknown License
org.graalvm.sdk:collections24.1.0NullUnknown License
org.graalvm.sdk:graal-sdk24.1.0NullUnknown License
org.graalvm.sdk:nativeimage24.1.0NullUnknown License
org.graalvm.sdk:word24.1.0NullUnknown License
org.graalvm.truffle:truffle-compiler24.1.0NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
maven/org.graalvm.compiler:compiler 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.nativeimage:native-image-base 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.nativeimage:objectfile 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.nativeimage:pointsto 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.nativeimage:svm 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.polyglot:polyglot 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.sdk:collections 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.sdk:graal-sdk 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.sdk:nativeimage 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.sdk:word 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
maven/org.graalvm.truffle:truffle-compiler 24.1.0 🟢 4
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 25 issue activity found in the last 90 days -- score normalized to 10
Code-Review⚠️ 0Found 1/16 approved changesets -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 10security policy file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 9license file detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
Branch-Protection⚠️ -1internal error: error during GetBranch(release/graal-vm/19.1): error during branchesHandler.query: internal error: githubv4.Query: Resource not accessible by integration
Binary-Artifacts⚠️ 0binaries present in source code
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected

Scanned Manifest Files

pom.xml

@fmeum fmeum mentioned this pull request Dec 4, 2024
Closed
@fmeum
fix: Force sun.jnu.encoding to be UTF-8 in images
c813f93 
Images pick up `sun.jnu.encoding` from the host build environment, which thus needs to be UTF-8 to be able to access paths with non-ASCII characters in them on Linux. Since Bazel does not inherit `LC_CTYPE` from the host, the JVM would otherwise default to an ASCII locale.

Signed-off-by: Fabian Meumertzheim <[email protected]>
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Dec 4, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@fmeum
Copy link
Collaborator Author

fmeum commented Dec 4, 2024

@sgammon Looks like the sha for GraalVM 23 changed, do you happen to know why?

@sgammon
Copy link
Owner

sgammon commented Dec 4, 2024

@fmeum GraalVM posts "archive" and "latest" URLs; the archive URLs are not available immediately after release. It is expected as I don't think we've had a release since v23 initially came out.

@sgammon sgammon merged commit 5c67c84 into main Dec 4, 2024
109 of 113 checks passed
@codecov Codecov
Copy link

codecov bot commented Dec 4, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Please upload report for BASE (main@977aa70). Learn more about missing BASE report.

Additional details and impacted files 
@@          Coverage Diff          @@
##             main   #514   +/-   ##
=====================================
  Coverage        ?      0           
=====================================
  Files           ?      0           
  Lines           ?      0           
  Branches        ?      0           
=====================================
  Hits            ?      0           
  Misses          ?      0           
  Partials        ?      0

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@fmeum fmeum deleted the fix-unicode branch December 4, 2024 20:54
copybara-service bot pushed a commit to bazelbuild/bazel that referenced this pull request Dec 6, 2024
@fmeum @copybara-github
Let Turbine handle Unicode paths
a37d288 
This requires patching rules_graalvm with sgammon/rules_graalvm#514 to ensure the native image runs with `sun.jnu.encoding` set to `UTF-8` on Linux.

Also enable unrelated tests after the recent java_tools update.

Work towards #24444
Unblocks #24457

Closes #24565.

PiperOrigin-RevId: 703409662
Change-Id: I44de4387de4a6da404436f5a35a2b27274122bbb
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sgammon sgammon sgammon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@fmeum @sgammon