[C++][Packaging] Consider stricter compiler options

apache / arrow

Apache Arrow is the universal columnar format and multi-language toolbox for fast data interchange and in-memory analytics

https://arrow.apache.org/

Apache License 2.0

14.67k stars 3.56k forks source link

[C++][Packaging] Consider stricter compiler options #39026

Open pitrou opened 12 months ago

pitrou commented 12 months ago

Describe the enhancement requested

Following the release of the Compiler Options Hardening Guide for C and C++ by the Open Source Security Foundation, we should consider hardening our compiler/linker options where doing so doesn't significantly impede performance: https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html

This would be especially important for the binaries we issue ourselves, such as Python wheels.

Component(s)

C++, Packaging

pitrou commented 12 months ago

@felipecrv @assignUser @h-vetinari FYI.

assignUser commented 12 months ago

Sounds good, will have to look into it!

assignUser commented 11 months ago

We have also recently had issues on CRAN due to conversion warnings that we apparently don't use (#39138). Is there a reason why or should we start using them for libarrow?

pitrou commented 11 months ago

You can try enabling them and see what happens. But some of them may be too strict.