we don't currently empty out the environment, which means that paths like HOME are totally available for caching, config files, etc. Not isolated even a little!
What we want: create a fake HOME, then look through it after the build completes. If the build leaves anything in it, issue a warning. Eventually this will be an error, but for now we don't have any way to work with mutable caches so we should be a little gentler.
we don't currently empty out the environment, which means that paths like
HOME
are totally available for caching, config files, etc. Not isolated even a little!What we want: create a fake
HOME
, then look through it after the build completes. If the build leaves anything in it, issue a warning. Eventually this will be an error, but for now we don't have any way to work with mutable caches so we should be a little gentler.