Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Distributed builds, and even distributed cache of build outputs. At google scale a distributed cache means you don't even need to build anything except the smallest code unit that changed--your CI systems, etc. have already built and warmed the cache for almost any other thing you want to build.



I thought that the distributed part wasn't opensourced.


For the cache: https://docs.bazel.build/versions/master/remote-caching.html and https://github.com/buchgr/bazel-remote You can actually just set it up to use a shared S3 bucket to hold the cache.

For builds there are a few options to check out: https://github.com/jin/awesome-bazel#remote-caching-and-exec...


That all looks like a massive security vulnerability. Anyone with write access to the cache can upload a malicious build artifact and end up getting it compiled into everyone else's binaries, effectively giving them access to act as any developer or the ability to get their code sneaked into a release undetected. The page doesn't describe that risk at all!




Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: