starred/git-ai
1
0
Fork 0
mirror of https://github.com/git-ai-project/git-ai.git synced 2026-04-24 22:05:57 +03:00
Code Issues 53 Projects Releases 5 Packages Wiki Activity

[PR #513] fix: use musl static linking to eliminate GLIBC dependency for Linux binaries #527

New issue
Open
opened 2026-03-02 04:13:53 +03:00 by kerem · 0 comments
kerem commented 2026-03-02 04:13:53 +03:00
Owner
Copy link

Original Pull Request: https://github.com/git-ai-project/git-ai/pull/513

State: open
Merged: No

fix: use musl static linking to eliminate GLIBC dependency for Linux binaries

Summary

Addresses #509 — pre-built Linux binaries currently require GLIBC 2.29+ (built on ubuntu:20.04 / GLIBC 2.31), which breaks on CentOS 8, RHEL 8, Debian 10, and other older Linux systems.

Instead of lowering the GLIBC floor (which would require an EOL build image), this PR switches Linux release builds to musl static linking, producing fully self-contained binaries with zero GLIBC dependency.

Changes:

  1. release.yml: Switch Linux build targets from x86_64-unknown-linux-gnu / aarch64-unknown-linux-gnu to their -musl equivalents. Docker build image changed from ubuntu:20.04 to ubuntu:22.04 (maintained). Install musl-tools instead of libssl-dev.
  2. release.yml: Replace the old GLIBC version logging with a static-linking assertion — the release build will now fail if ldd reports the binary as dynamically linked.
  3. install.sh: No functional changes (net diff is a cosmetic blank line).

Artifact names (git-ai-linux-x64, git-ai-linux-arm64) are unchanged — this is a drop-in replacement from the user's perspective.

Review & Testing Checklist for Human

  • musl build has NOT been tested end-to-end: PR CI does not exercise the release workflow (workflow_dispatch only). A dry-run release build (workflow_dispatch with dry_run: true) is strongly recommended before merging to confirm the musl build succeeds for both x64 and arm64.
  • rusqlite bundled SQLite compilation with musl: rusqlite compiles SQLite from C source using cc. Verify musl-gcc (from musl-tools) correctly compiles this on both x64 and arm64. This is the most likely build failure point.
  • Static linking verification pattern: The ldd output check uses grep -q 'not a dynamic executable\|statically linked'. Confirm this matches the actual ldd output for musl binaries on the Ubuntu 22.04 runner (the exact message can vary by ldd version).
  • Binary size and runtime behavior: musl static binaries are typically larger and use musl's allocator instead of glibc's. For a CLI tool this should be negligible, but worth a quick sanity check (run the binary, check --version, try a commit).

Recommended test plan:

  1. Trigger a dry-run release build to confirm both x64 and arm64 musl builds succeed
  2. Download the resulting binaries and verify with file <binary> (should say "statically linked") and ldd <binary> (should say "not a dynamic executable")
  3. Test the binary on a system with old GLIBC (e.g., CentOS 8 / Debian 10) to confirm it runs

Notes

**Original Pull Request:** https://github.com/git-ai-project/git-ai/pull/513 **State:** open **Merged:** No --- # fix: use musl static linking to eliminate GLIBC dependency for Linux binaries ## Summary Addresses #509 — pre-built Linux binaries currently require GLIBC 2.29+ (built on `ubuntu:20.04` / GLIBC 2.31), which breaks on CentOS 8, RHEL 8, Debian 10, and other older Linux systems. Instead of lowering the GLIBC floor (which would require an EOL build image), this PR switches Linux release builds to **musl static linking**, producing fully self-contained binaries with **zero GLIBC dependency**. **Changes:** 1. **`release.yml`**: Switch Linux build targets from `x86_64-unknown-linux-gnu` / `aarch64-unknown-linux-gnu` to their `-musl` equivalents. Docker build image changed from `ubuntu:20.04` to `ubuntu:22.04` (maintained). Install `musl-tools` instead of `libssl-dev`. 2. **`release.yml`**: Replace the old GLIBC version logging with a static-linking assertion — the release build will now fail if `ldd` reports the binary as dynamically linked. 3. **`install.sh`**: No functional changes (net diff is a cosmetic blank line). Artifact names (`git-ai-linux-x64`, `git-ai-linux-arm64`) are unchanged — this is a drop-in replacement from the user's perspective. ## Review & Testing Checklist for Human - [ ] **musl build has NOT been tested end-to-end**: PR CI does not exercise the release workflow (`workflow_dispatch` only). A dry-run release build (`workflow_dispatch` with `dry_run: true`) is **strongly recommended** before merging to confirm the musl build succeeds for both x64 and arm64. - [ ] **`rusqlite` bundled SQLite compilation with musl**: `rusqlite` compiles SQLite from C source using `cc`. Verify `musl-gcc` (from `musl-tools`) correctly compiles this on both x64 and arm64. This is the most likely build failure point. - [ ] **Static linking verification pattern**: The `ldd` output check uses `grep -q 'not a dynamic executable\|statically linked'`. Confirm this matches the actual `ldd` output for musl binaries on the Ubuntu 22.04 runner (the exact message can vary by `ldd` version). - [ ] **Binary size and runtime behavior**: musl static binaries are typically larger and use musl's allocator instead of glibc's. For a CLI tool this should be negligible, but worth a quick sanity check (run the binary, check `--version`, try a commit). **Recommended test plan:** 1. Trigger a dry-run release build to confirm both x64 and arm64 musl builds succeed 2. Download the resulting binaries and verify with `file <binary>` (should say "statically linked") and `ldd <binary>` (should say "not a dynamic executable") 3. Test the binary on a system with old GLIBC (e.g., CentOS 8 / Debian 10) to confirm it runs ### Notes - Link to Devin run: https://app.devin.ai/sessions/ca466e0eab5d40a0a4f8b365e6dfd7bc - Requested by: @svarlamov
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
fix/windsurf-dirty-type-fix
sessions-v2-drop-legacy-wrapper
sessions-v2
johnw/review-fix-tests
johnw/review-attribution-test-guidelines
johnw/review-integration-tests
johnw/review-refactor-api
johnw/review-silent-errors
johnw/review-harden-daemon
dependabot/cargo/cargo-1a59d422c9
johnw/synopsis
codex/windows-daemon-restart-upgrade-fix
dependabot/npm_and_yarn/agent-support/vscode/main/eslint-10.2.1
dependabot/cargo/main/interprocess-2.4.2
dependabot/npm_and_yarn/agent-support/vscode/main/typescript-6.0.3
dependabot/npm_and_yarn/agent-support/vscode/main/vscode/vsce-3.9.1
dependabot/cargo/main/openssl-0.10.78
dependabot/npm_and_yarn/agent-support/vscode/main/typescript-eslint/eslint-plugin-8.58.2
dependabot/cargo/main/ureq-3.3.0
dependabot/npm_and_yarn/agent-support/opencode/main/opencode-ai/plugin-1.14.19
dependabot/npm_and_yarn/agent-support/vscode/main/types/vscode-1.116.0
dependabot/cargo/main/tokio-1.52.1
dependabot/npm_and_yarn/agent-support/opencode/main/typescript-6.0.3
dependabot/cargo/main/uuid-1.23.1
worktree-agent-a97fd8c7
fix/partial-add-commit-attribution
perf/daemon-ingest-scalability
fix/daemon-wrapper-daemon-flakiness
johnw/nix-fix
fix/partial-stage-attribution-carryover
fix/rebase-notes-loss-v2
fix/issue-1025-reset-performance
fix/attribution-carryover-on-partial-commit
stats-bar-untracked
fix/rebase-notes-loss
fix/amend-total-additions-inflation
fix/sibling-heuristic-v2
fix/sibling-git-ai-heuristic
fix/total-additions-reset-inherited-prompts
feat/known-human-notepad-plus-plus
feat/known-human-eclipse
feat/known-human-zed
bump-stats-line-limit
feat/known-human-vim
feat/known-human-sublime-text
feat/known-human-visual-studio
feat/known-human-neovim
feat/known-human-xcode
johnw/review-vscode-extension
worktree-feat+git-version-warning
worktree-issue-211-empty-authorship
johnw/missing-notes
johnw/bash-support
feat/prompt-event-fields
devin/1775438423-filter-mock-ai-metrics
fix/external-rebase-preserves-ai-notes
devin/1775442585-mtime-race-checkpoint-promotion
fix/rebase-attribution-remaining-issues
fix/rebase-attribution-pull-rebase-no-verify-autosquash
fix/am-attribution-patch-headers
codeql-java-kotlin-fix
feat-log-dump-command
fix/allow-checkpoint-saving-when-debug-enabled
fix/async-mode-notes-sync
codex/fix-local-debug-daemon-connect
codex/cursor-explicit-checkpoint-paths
devin/1774989709-sentry-sdk-migration
devin/1775066168-fix-merge-commit-stats
devin/1775066000-disable-auth-feature-flag
feat-test-missing-notes-post-push
feat/ssh-alias-resolution
devin/1774936075-fix-show-prompt-commit-scope
fix/issue-870-preserve-prompts-in-ci-squash
devin/1774931412-amend-no-edit-regression
enable-flush-dev-logs
fix/async-mode-test-default
async-mode-default
fix/install-async-mode-config
feat/prompt-event-metric
perf/streaming-fast-import
claude/track-agent-version-WEWmR
hunk-opt
perf/checkpoint-2x-speedup
feat/sharded-notes-refs
remove/git-hooks-hard-cutover
perf/rebase-parallel-notes-and-file-reads
codex/windows-readonly-wrapper-fast-path
fix/stale-daemon-recovery
dev/simulate-authorship
devin/1774410513-cloud-default-ai-attribution
codex/fix-wrapper-default-hooks-forwarding
codex/daemon-phase1
codex/metrics-db-reliability-v2
codex/checkpoint-stress-benchmarks
codex/hook-telemetry-followups
johnw/fix-371
devin/1772084830-perf-batch-git-calls
devin/1772226661-fix-windows-paths-all-agents
codex/pathspec-benchmark-fastpath-fixes
codex/graphite-attribution-suite
codex/cherry-pick-hooks-perf-fix
devin/1771643297-memory-overflow-fixes
devin/1771642821-add-client-metrics-events
devin/1771599590-hooks-rebase-perf
devin/1771642594-memory-overflow-replication
fix/no-write-agent-metrics
fix/makosblade/migrate-initial-attributions
claude/fix-issue-426-buWz9
fix/misc-ci-cd-workflow-patches
feat/large-attr-perf-work
uninstall
feat/prompt-discovery
feat/cursor-tab-hooks
feat/git-diff-engine-experiments
fix/push-rewrite
fix/push
fix/mac-ci
fix/multi-push-signing-bug
wip/stats-delta-2
fix/seconds-waiting
feat/nicer-ci-stats
fix/range-stats-including-other-blames
fix/windows-initial-testing
fix/193
fix/authorship-saved-stats
feat/sentry
fix/bug-git-diff-diverges-on-duplicate-lines
fix/bug-squash
fix/rewrite-performance
fix/cursor-sqlite-prompt-race
fix/commit-single
fix/retain-all-prompts-in-authorship
feat/mockai-pathspecs
fix/time-on-initial
feat/dmp-rewrite-ops
feat/ignore-prev-ai-blame-for-perf
fix/ai-blame-file-paths-rel
fix/build-matrix
docs/update-enterprise-installation-opts
feat/agent_fmt1_preset
docs-support
fix/bare-repo-stats
fix/sync-authorship
feat/distributed-authorship
fix/pre-commit-performance2
feat/test-refactor
fix/commit-performance
feat/pop-stash-apply
feat/enterprise-allowlist
fix/conflicts-skipped
fix/merge-squash-new-method
fix/merge-squash
feat/post-commit-stats
feat/git-notes-for-authorship
fix/ai-blame-rename
fix/empty-repo
fix/unstaged-in-log
feat/git-notes-namespace
feat/local-rewrites-authorship
feat/handle-git-alias
feat/faster-checkpoints-slimmer-storage
feat/dev-env-setup
feat/cursor-hooks-auto-install
fix/ai-blame
fix/blame-issues
fix/perf
feat/cursor-preset
test
fix/pull-unplanned
fix/attribution-above-fix
feat/count-total-lines-per-prompt
feat/new-authorship-log-format
fix/windows-ci
feat/claude-cursor-presets
feat/git-compat
feat/track-squash-rebase
save-prompts
fix-git-push-rewrite
fix-linux-release
arm-linux-support
git-ai-stats-command
fix-new-files-not-getting-authorship
testing123
example123
fix/default-ref-upload
proxy
feat/proxy
fix/release-script-testing
fix/subdir-repo-not-found
cursor-extension
feat/demo-pr-comments
tests/in-ci
feat/test-suite-
fix-init
v1.3.4
v1.3.3
v1.3.2
v1.3.1
v1.3.0
v1.3.0-next-ba657b6
v1.3.0-next-a1321a5
v1.3.0-next-bacf066
v1.3.0-next-380a1f8
v1.2.8
v1.2.7
v1.2.7-next-e025db4
v1.2.7-next-f211688
v1.2.7-next-d2c85a4
v1.2.6
v1.2.5
v1.2.4
v1.2.4-next-46cbbb1
v1.2.4-next-051dfb9
v1.2.3
v1.2.2
v1.2.1
v1.1.23
v1.1.22
v1.1.21
v1.1.21-next-10b781d
v1.1.20
v1.1.20-next-2a8c946
v1.1.20-next-78623c6
v1.1.19
v1.1.18
v1.1.17
v1.1.16
v1.1.15
v1.1.14
v1.1.13
v1.1.12
v1.1.11
v1.1.11-next-81a4693
v1.1.10
v1.1.9
v1.1.8
v1.1.7
v1.1.7-next-7130b7a
v1.1.6
v1.1.6-next-b4b5f72
v1.1.6-next-3caf774
v1.1.5
v1.1.5-next-2d722eb
v1.1.4
v1.1.3
v1.1.2
v1.1.1-next-6ad2609
v1.1.1
v1.1.1-next-2772a32
v1.1.1-next-339d3a7
v1.0.42
v1.0.41
v1.0.40
v1.0.40-next-8d61135
v1.0.40-next-e763fe3
v1.0.39
v1.0.39-next-024d7cc
v1.0.38
v1.0.38-next-6927f27
v1.0.38-next-9863bf9
v1.0.38-next-ad241de
v1.0.37
v1.0.37-next-55ecea6
v1.0.36
v1.0.36-next-cec0576
v1.0.36-next-8b2936f
v1.0.35
v1.0.35-next-46ac366
v1.0.34
v1.0.34-next-9a90ccd
v1.0.33
v1.0.32
v1.0.32-next-b12d980
v1.0.31
v1.0.30
v1.0.30-next-29e16e1
v1.0.29
v1.0.29-next-93e7b75
v1.0.29-next-c7b2509
v1.0.29-next-7de1eb6
v1.0.29-next-c22b5ba
v1.0.28-next-2ef1b24
v1.0.28
v1.0.27
v1.0.26
v1.0.26-next-7b539aa
v1.0.26-next-3b147bf
v1.0.26-next-fca1a3c
v1.0.25
v1.0.24
v1.0.24-next-df615a7
v1.0.23
v1.0.23-next-5b6a63c
v1.0.23-next-7236db5
v1.0.23-next-96e7686
v1.0.23-next-2c08a4e
v1.0.22-next-b27457a
v1.0.22
v1.0.22-next-d75088f
v1.0.22-next-28c081b
v1.0.22-next-c39b714
v1.0.21
v1.0.21-next-06f6e8c
v1.0.20
v1.0.19
v1.0.18
v1.0.17
v1.0.16
v1.0.15
v1.0.14
v1.0.13
v1.0.12
v1.0.11
v1.0.11-prerelease
v1.0.10
v1.0.9
v1.0.8
v1.0.7
v1.0.6
v1.0.5
v1.0.4
v1.0.3
v1.0.2
v1.0.1
v1.0.0
v0.2.7
v0.2.6
v0.2.5
v0.2.4
v0.2.3
v0.2.2
v0.2.0
v0.1.6
v0.1.5
v0.1.4
v0.1.3
v0.1.2
v0.1.1
v0.1.0
Labels
Clear labels   
agent-support

   
agent-support

   
bug

   
documentation

   
enhancement

   
good first issue

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
question

   
windows

   
working-on
No labels
agent-support
agent-support
bug
documentation
enhancement
good first issue
help wanted
pull-request
question
windows
working-on
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/git-ai#527
No description provided.