Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit ff5a1778 authored by Paul Duffin's avatar Paul Duffin
Browse files

Remove unnecessary core library neverallow rules 

The rules that restricted access to core library targets are no longer
required as they have been replaced with visibility rules. The
visibility rules are safer because they check all dependencies whereas
the neverallow rules that have been removed only checked dependencies
in the libs property and so missed dependencies in static_libs and
java_libs properties.

(cherry picked from 8e8c01c3)

Bug: 112158820
Test: m core-tests
Change-Id: I3b50b705b7cd6fcdc55d26cd71b9149b3abd2b88
Merged-In: Ibfef74db0769992266ebadf445836d2a183df3f7
parent 77b3fec7

android/neverallow.go

+3 −20
Original line number Diff line number Diff line
@@ -97,32 +97,15 @@ func createLibcoreRules() []*rule { 
		"external/wycheproof",

	}



	var coreModules = []string{

		"core-all",

		"core-oj",

		"core-libart",

		"okhttp",

		"bouncycastle",

		"conscrypt",

		"apache-xml",

	}



	// Core library constraints. Prevent targets adding dependencies on core

	// library internals, which could lead to compatibility issues with the ART

	// mainline module. They should use core.platform.api.stubs instead.

	// Core library constraints. The no_standard_libs can only be used in core

	// library projects. Access to core library targets is restricted using

	// visibility rules.

	rules := []*rule{

		neverallow().

			notIn(append(coreLibraryProjects, "development")...).

			with("no_standard_libs", "true"),

	}



	for _, m := range coreModules {

		r := neverallow().

			notIn(coreLibraryProjects...).

			with("libs", m).

			because("Only core libraries projects can depend on " + m)

		rules = append(rules, r)

	}

	return rules

}

android/neverallow_test.go

+0 −11
Original line number Diff line number Diff line
@@ -137,17 +137,6 @@ var neverallowTests = []struct { 
		},

		expectedError: "",

	},

	{

		name: "dependency on core-libart",

		fs: map[string][]byte{

			"Blueprints": []byte(`

				java_library {

					name: "needs_core_libart",

					libs: ["core-libart"],

				}`),

		},

		expectedError: "Only core libraries projects can depend on core-libart",

	},

	{

		name: "java_device_for_host",

		fs: map[string][]byte{