8ec5a595cd cmSbom: Add documentation for `install(SBOM)` and `export(SBOM)`
83671f2d87 cmSbom: Add `export(SBOM)` build generators and unit tests
f2027a886b cmSbom: Add `install(SBOM)` generator and unit tests
dcadde3662 CPS: Refactor ForbidGeneratorExpressions into cmGeneratorExpression
bcb6f689a4 cmExportInstallFileGenerator: Allow overriding of CheckInterfaceDirs
6d6c37c90d cmPackageInfoArguments: Extract common values
8c6676b2ea cmFindPackage: Fix PACKAGE_VERSION not being set when rebuilding
Acked-by: Kitware Robot <kwrobot@kitware.com>
Tested-by: buildbot <buildbot@kitware.com>
Merge-request: !11396
In commit 99d09ec45a (VS: Suppress MSBuild default link flags not
specified by project or user, 2025-06-17, v4.1.0-rc1~6^2) we removed our
default `-subsystem:...` link flag from `SHARED` and `MODULE` libraries
in Visual Studio generators for consistency with command-line generators.
However, unlike other flag suppressions for #27004, this change did not
just suppress MSBuild defaults, but actually changed flags the generator
was previously adding itself.
For the linker subsystem flag, consistency across generators should
perhaps achieved by adding the flag in other generators instead of
removing it from Visual Studio generators. Restore the previous
behavior pending further investigation.
Issue: #27466Fixes: #27464
Add a new variable `CPACK_DEBIAN_COMPRESSION_LEVEL` to control the compression
level used when generating Debian packages. This complements the existing
`CPACK_DEBIAN_COMPRESSION_TYPE` variable and allows finer control over the
compression performance vs. size trade-off. Supported values correspond to
the compression level accepted by the underlying compressor (e.g. gzip, xz,
zstd, etc.).
Previously the command opened the lock file using fopen with "w" mode,
which truncates the file to zero length. This is unsafe because:
1. If the lock file path is a symlink, the target file gets truncated
2. Race conditions between path resolution and file opening can be
exploited to truncate arbitrary files
An attacker can exploit this by creating a symlink at a predictable
lock file location pointing to a critical file (e.g., source files,
configuration, or system files). When cmake runs file(LOCK), it
follows the symlink and destroys the target file's contents.
Fix by changing the file mode from "w" (write/truncate) to "a"
(append). This creates the file if it doesn't exist but preserves
existing content, preventing data destruction attacks.
Typos in commit 9ba0a54554 (TIClang: Add support for TI Clang-based
compilers, including tiarmclang, 2023-12-06, v3.29.0-rc1~4^2~1)
left the flags unused. In particular, `CMAKE_<LANG>_LINKER_FLAGS`
does not exist.
Modify the `export(EXPORT)` and `install(PACKAGE_INFO)` commands to
actually enforce that certain arguments must be non-empty. With respect
to `export`, this is mainly targeted at CPS export, but ends up
affecting all flavors of `export(EXPORT)` because that is the level at
which argument parsing is performed.
Also, add unit tests to verify that the new rejection of arguments with
missing or empty values is working, update the existing tests due to
changes in error reporting, and remove no-longer-needed manual
validation of an empty `PACKAGE_INFO` argument.
Tweak ArgumentParser::ParseResult to store errors as a set, rather than
concatenating them. Add a new method that a) also optionally checks for
unknown arguments, and b) reports errors using the `SetError` method of
`cmExecutionStatus`, which allows callers to `return false`, which is
less surprising when an error occurs. This improves consistency at call
sites, reduces duplication by moving the common task of complaining
about unknown arguments to a reusable method, and also produces somewhat
more concise messages in the case that multiple errors occurred.
Note that, for some reason, the parser is sometimes generating duplicate
errors, hence the use of a set rather than a list.
It was superseded by commit 2f5eb1800b (Tests: Add RunCMake.CTestTimeout
test, 2020-01-13, v3.17.0-rc1~169^2~1) but was kept as a dependency of
the `CTestTestRerunFailed` test. The latter has now been moved into
`RunCMake.CTestCommandLine`, so neither is needed.
There are exactly two places that use `ParseResult::AddKeywordError`:
the parser itself, and the `set` command. Adjust the format of the
message generated by the latter to be consistent with the former.
As we (hopefully) move toward a CPS world, it is helpful for imported
targets to use the package name as the namespace (as required by CPS).
Modify FindSQLite3 to do so. The old name is retained for compatibility.
Only force a compile PDB directory when PCH reusing. This avoids
affecting behavior in unrelated situations. However, PCH reuse requires
a known path so that the `copy_idb_pdb` logic can accurately generate
the copy instructions so that MSVC's rule that PCH use must use the same
PDB file can be adhered to.
Also revert the test suite adaptations from commit f78f592b78 (pchreuse:
defer target existence enforcement to generation time, 2025-06-16,
v4.2.0-rc1~481^2~4).
Fixes: #27401
