split zig toolchain to zig/zigcc

[waruqi]

#7372

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request refactors the integration of the Zig toolchain within Xmake by separating its functionality into dedicated toolchains for Zig language compilation and C/C++ cross-compilation. This enhances modularity, clarifies usage, and centralizes the logic for detecting target architectures, making the build system more robust and easier to manage for projects leveraging Zig's diverse capabilities.

Highlights

• Toolchain Separation: The existing 'zig' toolchain has been split into two distinct toolchains: 'zig' for Zig language compilation and 'zigcc' for using Zig as a C/C++ compiler.
• New 'zigcc' Toolchain: A new 'zigcc' toolchain was introduced, encapsulating the logic for setting up Zig as a C/C++ compiler, including wrapper scripts for various C/C++ tools (cc, c++, ar, etc.).
• Refactored 'zig' Toolchain: The original 'zig' toolchain was refactored to remove all C/C++ related configurations and wrapper setup, focusing solely on Zig language compilation.
• Centralized Target Detection: A new utility function, get_zig_target, was added to xmake/modules/private/utils/toolchain.lua to centralize the logic for determining the Zig target architecture, which is now used by both 'zig' and 'zigcc' toolchains.
• Configuration Updates: Example project configurations in xmake.lua files were updated to reflect the new toolchain structure, using zig@zigcc for C++ projects and simplifying the zig toolchain usage for pure Zig projects.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Changelog

• .gitignore
  • Added '.claude' to the ignore list.
• tests/projects/c++/console_zig_cxx/xmake.lua
  • Updated the toolchain configuration to explicitly use 'zig@zigcc' for C++ compilation.
• tests/projects/zig/console_c_call_zig/xmake.lua
  • Simplified the Zig toolchain configuration by removing the explicit 'zigcc = false' option.
• xmake/modules/private/utils/toolchain.lua
  • Introduced a new utility function get_zig_target to determine the Zig target architecture based on the toolchain's configuration.
• xmake/toolchains/zig/xmake.lua
  • Removed the C/C++ compiler wrapper setup and related toolset configurations.
  • Delegated the Zig target detection to the newly introduced toolchain_utils.get_zig_target function.
• xmake/toolchains/zigcc/xmake.lua
  • Added a new toolchain definition for 'zigcc', specifically for using Zig as a C/C++ compiler.
  • Implemented the wrapper setup for various C/C++ tools (cc, c++, ar, etc.) within this new toolchain.
  • Configured target flags for C/C++ compilation using the toolchain_utils.get_zig_target function.

Activity

• No specific activity (comments, reviews, progress) has been recorded for this pull request yet.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request refactors the Zig toolchain by splitting it into zig for compiling Zig code and zigcc for using Zig as a C/C++ compiler, which is a great improvement for clarity and modularity. However, a critical security vulnerability was identified in the zigcc toolchain's wrapper script setup: the use of a shared temporary directory for wrapper scripts can lead to local code execution on multi-user systems. This should be addressed by using a more secure, user-specific location for these scripts. Additionally, a few areas were found where the code can be further improved for maintainability and to follow best practices.

[gemini-code-assist]

The _setup_zigcc_wrapper function creates wrapper scripts in a predictable, shared temporary directory (os.tmpdir()/zigcc). On multi-user systems (like Linux), an attacker can pre-create these files with malicious content. Since the code checks for the existence of the file before writing (if not os.isfile(wrapper_path)), it will not overwrite an existing malicious script. This allows an attacker to execute arbitrary code with the privileges of any user who runs xmake with the zigcc toolchain.

To remediate this, use a more secure location for the wrapper scripts, such as a directory within the user's home directory or a project-specific directory. If a temporary directory must be used, ensure it is unique to the user and has restricted permissions (e.g., 0700).

[gemini-code-assist]

The set_kind("standalone") declaration has been removed. Since the zig toolchain can still be used as a standalone toolchain for Zig language projects (as seen in the test cases), it seems this declaration should be kept for clarity and correctness, similar to other language toolchains like dlang, rust, etc. Please consider adding it back.

    set_kind("standalone")
    set_homepage("https://ziglang.org/")

[gemini-code-assist]

The logic for finding the zig executable is duplicated in xmake/toolchains/zig/xmake.lua and xmake/toolchains/zigcc/xmake.lua. To improve maintainability and avoid code duplication, this logic could be extracted into a new utility function in xmake/modules/private/utils/toolchain.lua.