swiftlint 0.54.0

[jpsim]

Created with brew bump-formula-pr.

[chenrui333]

error: 'swiftlint-20231110-3796-1cq3q2m': package 'swiftlint-20231110-3796-1cq3q2m' is using Swift tools version 5.9.0 but the installed version is 5.8.0

[chenrui333]

relates to:

• swift 5.9 #143762
• swift 5.9.1 #152643

[jpsim]

@chenrui333 thanks for making the update to the required Xcode version. Are you saying that SwiftLint 0.54.0 is blocked on #143762 or #152643?

[jpsim]

sandbox-exec: sandbox_apply: Operation not permitted
  <unknown>:0: warning: compiler plugin not loaded: '/private/tmp/swiftlint-20231110-4060-css0iy/.build/arm64-apple-macosx/release/SwiftLintCoreMacros; failed to initialize

Does Homebrew not support CLI tools using Swift Macros? 🤔

[chenrui333]

@chenrui333 thanks for making the update to the required Xcode version. Are you saying that SwiftLint 0.54.0 is blocked on #143762 or #152643?

nope, just not gonna be built with linux

[chenrui333]

sandbox-exec: sandbox_apply: Operation not permitted
  <unknown>:0: warning: compiler plugin not loaded: '/private/tmp/swiftlint-20231110-4060-css0iy/.build/arm64-apple-macosx/release/SwiftLintCoreMacros; failed to initialize

Does Homebrew not support CLI tools using Swift Macros? 🤔

that i have to defer to @Bo98

[Bo98]

We have our own sandbox and macOS doesn't support nested sandboxes. I'm guessing something isn't respecting --disable-sandbox in this new version?

[jpsim]

Are any other homebrew formulas using Swift Macros or are we breaking new ground here?

[jpsim]

@Bo98 Swift macros are plugins invoked by the Swift compiler when building Swift code, so that process could definitely be breaking the homebrew sandbox rules. Perhaps the homebrew sandboxing rules will need to be adjusted to add support for Swift macros?

[Bo98]

Are any other homebrew formulas using Swift Macros or are we breaking new ground here?

I'm not sure.

Perhaps the homebrew sandboxing rules will need to be adjusted to add support for Swift macros?

macOS doesn't support nested sandboxing at all AFAIK so no rule can allow that.

Not being able to disable the sandbox seems like a bug, given Swift Package Manger has always made sure to have conditionals to do so:

https://github.com/apple/swift-package-manager/blob/4c3549144733d8042a0c08d59938b505431cf12c/Sources/Workspace/DefaultPluginScriptRunner.swift#L446
https://github.com/apple/swift-package-manager/blob/4c3549144733d8042a0c08d59938b505431cf12c/Sources/Build/BuildManifest/LLBuildManifestBuilder.swift#L205

[Bo98]

Ok I found the unconditional Sandbox - it's the first one that's on compiler level: https://github.com/apple/swift/blob/swift-5.9-RELEASE/lib/AST/PluginRegistry.cpp#L148.

I'll ask about and see if there's anything that can be done about it.

[jpsim]

I wanted to see if building with Bazel avoided the sandbox issue, but it's still there, which makes sense since this is baked into the Swift compiler.

[Bo98]

Ok I've let the relevant people aware that we (and likely MacPorts who also ship swiftlint) are affected by this. For now consider this tracked under FB13373741.

A basic step to reproduce is sandbox-exec -p '(version 1)(allow default)' swift build --disable-sandbox --product swiftlint - which happens to show that even an allow-all rule isn't enough to make it work.

Not really related but: this pull request does remind me we don't have Xcode 15 on the macOS 13 machines yet, probably because we were waiting for the linker bugfixes in Xcode 15.1. Will have a look and see about maybe using the beta, not that it matters here just yet.

[jpsim]

Thanks for filing feedback with apple about this.

Any Swift package with macros will fail when building with sandbox-exec -p '(version 1)(allow default)' swift build --disable-sandbox

For example, a pretty minimal project: https://github.com/alvmo/HexColors

$ sandbox-exec -p '(version 1)(allow default)' swift build --disable-sandbox
Fetching https://github.com/apple/swift-syntax.git from cache
Fetched https://github.com/apple/swift-syntax.git (1.50s)
Computing version for https://github.com/apple/swift-syntax.git
Computed https://github.com/apple/swift-syntax.git at 509.0.0 (0.70s)
Creating working copy for https://github.com/apple/swift-syntax.git
Working copy of https://github.com/apple/swift-syntax.git resolved at 509.0.0
Building for debugging...
sandbox-exec: sandbox_apply: Operation not permitted
<unknown>:0: warning: compiler plugin not loaded: '/Users/jp/src/HexColors/.build/arm64-apple-macosx/debug/HexColorsMacros; failed to initialize
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:7:14: warning: external macro implementation type 'HexColorsMacros.ColorHexMacro' could not be found for macro 'color'
public macro color(_ stringLiteral: StringLiteralType ) -> Color = #externalMacro(module: "HexColorsMacros", type: "ColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:10:14: warning: external macro implementation type 'HexColorsMacros.HexIntExpressionMacro' could not be found for macro 'color'
public macro color(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> Color = #externalMacro(module: "HexColorsMacros", type: "HexIntExpressionMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:28:14: warning: external macro implementation type 'HexColorsMacros.NSColorHexMacro' could not be found for macro 'nsColor'
public macro nsColor(_ stringLiteral: StringLiteralType ) -> NSColor = #externalMacro(module: "HexColorsMacros", type: "NSColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:32:14: warning: external macro implementation type 'HexColorsMacros.NSColorHexMacro' could not be found for macro 'nsColor'
public macro nsColor(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> NSColor = #externalMacro(module: "HexColorsMacros", type: "NSColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:40:14: warning: external macro implementation type 'HexColorsMacros.CGColorHexMacro' could not be found for macro 'cgColor'
public macro cgColor(_ stringLiteral: StringLiteralType ) -> CGColor = #externalMacro(module: "HexColorsMacros", type: "CGColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:43:14: warning: external macro implementation type 'HexColorsMacros.CGColorHexMacro' could not be found for macro 'cgColor'
public macro cgColor(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> CGColor = #externalMacro(module: "HexColorsMacros", type: "CGColorHexMacro")
             ^
sandbox-exec: sandbox_apply: Operation not permitted
<unknown>:0: warning: compiler plugin not loaded: '/Users/jp/src/HexColors/.build/arm64-apple-macosx/debug/HexColorsMacros; failed to initialize
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:7:14: warning: external macro implementation type 'HexColorsMacros.ColorHexMacro' could not be found for macro 'color'
public macro color(_ stringLiteral: StringLiteralType ) -> Color = #externalMacro(module: "HexColorsMacros", type: "ColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:10:14: warning: external macro implementation type 'HexColorsMacros.HexIntExpressionMacro' could not be found for macro 'color'
public macro color(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> Color = #externalMacro(module: "HexColorsMacros", type: "HexIntExpressionMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:28:14: warning: external macro implementation type 'HexColorsMacros.NSColorHexMacro' could not be found for macro 'nsColor'
public macro nsColor(_ stringLiteral: StringLiteralType ) -> NSColor = #externalMacro(module: "HexColorsMacros", type: "NSColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:32:14: warning: external macro implementation type 'HexColorsMacros.NSColorHexMacro' could not be found for macro 'nsColor'
public macro nsColor(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> NSColor = #externalMacro(module: "HexColorsMacros", type: "NSColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:40:14: warning: external macro implementation type 'HexColorsMacros.CGColorHexMacro' could not be found for macro 'cgColor'
public macro cgColor(_ stringLiteral: StringLiteralType ) -> CGColor = #externalMacro(module: "HexColorsMacros", type: "CGColorHexMacro")
             ^
/Users/jp/src/HexColors/Sources/HexColors/HexColors.swift:43:14: warning: external macro implementation type 'HexColorsMacros.CGColorHexMacro' could not be found for macro 'cgColor'
public macro cgColor(_ hexadecimalIntegerLiteral: IntegerLiteralType ) -> CGColor = #externalMacro(module: "HexColorsMacros", type: "CGColorHexMacro")
             ^

Build complete! (34.80s)

I'm assuming there's no way to release this version of SwiftLint via Homebrew given this sandbox violation?

It's unfortunate to tell our users they can't use Homebrew to update to the latest version of SwiftLint until Swift has a new stable release that supports disabling this sandbox.

[jpsim]

I've also filed an issue in SwiftPM, which can be easier to track for non-Apple folks than the feedback you filed: swiftlang/swift-package-manager#7098

[Bo98]

I'm assuming there's no way to release this version of SwiftLint via Homebrew given this sandbox violation?

It's unfortunate to tell our users they can't use Homebrew to update to the latest version of SwiftLint until Swift has a new stable release that supports disabling this sandbox.

Swift 5.9.2 will be out (likely) next month and will be the last 5.9.x release shipped with Xcode. I however obviously don't know yet if there will be a fix in time. After that, there is usually no further Xcode updates until March/April.

I've let our contact know as usual, but of course timeframes are something never discussed.

If it became clear that it won't be fixed in the short term, there are more drastic actions we could take such as potentially patching it out ourselves in our own compiler build and using that. I'll look into fixing up Linux this week and see where things are at.

[SimplyDanny]

Could somebody (@Bo98, @cho-m) rebase the branch again? I guess the failing Linux build was just some hiccup.

[jpsim]

The Linux CI job appears to be failing because it can't download the SwiftPM plugin binary artifact:

error: failed downloading 'https://github.com/realm/SwiftLint/releases/download/0.54.0/SwiftLintBinary-macos.artifactbundle.zip' which is required by binary target 'SwiftLintBinary': downloadError("Error Domain=NSURLErrorDomain Code=-1001 "(null)"")

Possibly related to sandboxing limitations? Can we just disable the Linux CI job to unblock this? Finally the macOS CI job is passing now that it runs with Xcode 15.3 🥳

[Bo98]

Possibly related to sandboxing limitations?

Linux doesn't have a sandbox at all. Is there a reason we're downloading macOS artifacts on Linux?

[SimplyDanny]

Possibly related to sandboxing limitations?

Linux doesn't have a sandbox at all. Is there a reason we're downloading macOS artifacts on Linux?

This is a bug in Swift Package Manager. There is a workaround in the 0.55.0 line. How about skipping 0.54.0 in Homebrew entirely and continue with the (not yet released) 0.55.0 version?

[iMichka]

continue with the (not yet released) 0.55.0 version?

We can, as soon as 0.55.0 is tagged. We do not ship unstable versions.
If patches exist that can be backported, we would accept them though.

[amcinnis]

Now that SwiftLint 0.55.0 has shipped, can we revisit this issue?

[SimplyDanny]

Now that SwiftLint 0.55.0 has shipped, can we revisit this issue?

The new release comes with a lot of changes. The plan is to wait for a few days still, so that the early adopters can report back any issues they face with the new release.

If everything seems fine, we may drop 0.54.0 and add 0.55.0 to Homebrew. Why wait? In Homebrew there's only the latest version of SwiftLint available. In case there's a serious issue, it wouldn't block people completely.

[iMichka]

Fixed by #171923