Skip to content

Fix Linux release DuckDB link#393

Merged
wesm merged 2 commits into
mainfrom
ci/fix-linux-release-duckdb-link
Jun 18, 2026
Merged

Fix Linux release DuckDB link#393
wesm merged 2 commits into
mainfrom
ci/fix-linux-release-duckdb-link

Conversation

@wesm

@wesm wesm commented Jun 18, 2026

Copy link
Copy Markdown
Member

Summary

  • Build Linux release artifacts in Ubuntu 22.04 so DuckDB 1.5.4's prebuilt static libraries link against a compatible C++ runtime.
  • Log both GLIBC and GLIBCXX runtime requirements in release builds.

Test Plan

  • Reproduced the Ubuntu 20.04 Linux amd64 link failure locally.
  • Built and smoke-tested Linux amd64 in Ubuntu 22.04.
  • Built and smoke-tested Linux arm64 in Ubuntu 22.04.
  • Ran git diff --check HEAD~1..HEAD.

@roborev-ci

roborev-ci Bot commented Jun 18, 2026

Copy link
Copy Markdown

roborev: Combined Review (d27a822)

Summary verdict: One medium release compatibility risk remains; no high or critical issues were reported.

Medium

  • .github/workflows/release.yml:25 - Building the generic Linux release inside ubuntu:22.04 can raise the runtime glibc/libstdc++ baseline for msgvault_linux_* artifacts, while the installer still downloads only by OS/arch and does not enforce a minimum distro/runtime. Users on older Linux systems may receive a binary that cannot start.
    Fix: Build Linux releases against the oldest supported runtime, or explicitly raise and enforce the minimum Linux runtime in docs/installer checks. If DuckDB needs newer C++ symbols, consider statically linking or bundling the C++ runtime and add a failing compatibility threshold instead of only printing versions.

Panel: ci_default_security | Synthesis: codex, 7s | Members: codex_default (codex/default, done, 1m26s), codex_security (codex/security, done, 8s) | Total: 1m41s

@roborev-ci

roborev-ci Bot commented Jun 18, 2026

Copy link
Copy Markdown

roborev: Combined Review (8a86792)

No issues found.

Panel: ci_default_security | Synthesis: codex | Members: codex_default (codex/default, done, 3m28s), codex_security (codex/security, done, 1m0s) | Total: 4m28s

@wesm wesm merged commit 345738c into main Jun 18, 2026
11 checks passed
@wesm wesm deleted the ci/fix-linux-release-duckdb-link branch June 18, 2026 23:38
@sweenzor

sweenzor commented Jun 19, 2026

Copy link
Copy Markdown
Contributor

I broke this in #390, sorry about that!

sweenzor added a commit to sweenzor/msgvault that referenced this pull request Jun 19, 2026
@sweenzor @claude
ci(release): statically embed libstdc++ and pin the linux build image
eed230f 
Hardening on top of kenn-io#393 (which fixed the Linux release break by moving to
ubuntu:22.04, where the GCC 12 libstdc++ is available). Build with gcc-12 and
embed libstdc++/libgcc statically so the released binary has no runtime
libstdc++ (GLIBCXX) dependency; kenn-io#393 leaves it dynamically linked, requiring
GLIBCXX_3.4.30. Also pin the build image by digest, and add a guard that fails
the build if libstdc++ ever links dynamically.

Verified in a matching ubuntu:22.04 arm64 container: links cleanly, runs, no
dynamic libstdc++.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
@sweenzor sweenzor mentioned this pull request Jun 19, 2026
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@wesm @sweenzor