bazelbuild
diff --git a/‎apple/internal/ios_rules.bzl‎
Lines changed: 4 additions & 6 deletions b/‎apple/internal/ios_rules.bzl‎
Lines changed: 4 additions & 6 deletions
diff --git a/‎apple/internal/macos_rules.bzl‎
Lines changed: 4 additions & 6 deletions b/‎apple/internal/macos_rules.bzl‎
Lines changed: 4 additions & 6 deletions
diff --git a/‎apple/internal/secure_features_support.bzl‎
Lines changed: 28 additions & 6 deletions b/‎apple/internal/secure_features_support.bzl‎
Lines changed: 28 additions & 6 deletions
@@ -2989,10 +2989,8 @@ that this target depends on.
     ],
 )
 
-_STATIC_FRAMEWORK_DEPS_CFG = transition_support.apple_platform_split_transition
-
 ios_static_framework = rule_factory.create_apple_rule(
-    cfg = transition_support.apple_platforms_rule_base_transition,
+    cfg = transition_support.apple_rule_transition,
     doc = """Builds and bundles an iOS static framework for third-party distribution.
 
 A static framework is bundled like a dynamic framework except that the embedded
@@ -3035,7 +3033,7 @@ i.e. `--features=-swift.no_generated_header`).""",
     attrs = [
         apple_support.platform_constraint_attrs(),
         rule_attrs.binary_linking_attrs(
-            deps_cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+            deps_cfg = transition_support.apple_platform_split_transition,
             extra_deps_aspects = [
                 apple_resource_aspect,
                 framework_provider_aspect,
@@ -3044,7 +3042,7 @@ i.e. `--features=-swift.no_generated_header`).""",
             requires_legacy_cc_toolchain = True,
         ),
         rule_attrs.common_bundle_attrs(
-            deps_cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+            deps_cfg = transition_support.apple_platform_split_transition,
         ),
         rule_attrs.common_tool_attrs(),
         rule_attrs.device_family_attrs(
@@ -3062,7 +3060,7 @@ i.e. `--features=-swift.no_generated_header`).""",
                 doc = "Private attribute to generate Swift interfaces for static frameworks.",
             ),
             "avoid_deps": attr.label_list(
-                cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+                cfg = transition_support.apple_platform_split_transition,
                 doc = """
 A list of library targets on which this framework depends in order to compile, but the transitive
 closure of which will not be linked into the framework's binary.
 
@@ -3696,10 +3696,8 @@ that this target depends on.
     ],
 )
 
-_STATIC_FRAMEWORK_DEPS_CFG = transition_support.apple_platform_split_transition
-
 macos_static_framework = rule_factory.create_apple_rule(
-    cfg = transition_support.apple_platforms_rule_base_transition,
+    cfg = transition_support.apple_rule_transition,
     doc = """Builds and bundles a macOS static framework for third-party distribution.
 
 A static framework is bundled like a dynamic framework except that the embedded
@@ -3742,7 +3740,7 @@ i.e. `--features=-swift.no_generated_header`).""",
     attrs = [
         apple_support.platform_constraint_attrs(),
         rule_attrs.binary_linking_attrs(
-            deps_cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+            deps_cfg = transition_support.apple_platform_split_transition,
             extra_deps_aspects = [
                 apple_resource_aspect,
                 framework_provider_aspect,
@@ -3751,7 +3749,7 @@ i.e. `--features=-swift.no_generated_header`).""",
             requires_legacy_cc_toolchain = True,
         ),
         rule_attrs.common_bundle_attrs(
-            deps_cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+            deps_cfg = transition_support.apple_platform_split_transition,
         ),
         rule_attrs.common_tool_attrs(),
         rule_attrs.device_family_attrs(
@@ -3768,7 +3766,7 @@ i.e. `--features=-swift.no_generated_header`).""",
                 doc = "Private attribute to generate Swift interfaces for static frameworks.",
             ),
             "avoid_deps": attr.label_list(
-                cfg = _STATIC_FRAMEWORK_DEPS_CFG,
+                cfg = transition_support.apple_platform_split_transition,
                 doc = """
 A list of library targets on which this framework depends in order to compile, but the transitive
 closure of which will not be linked into the framework's binary.
 
@@ -20,10 +20,6 @@ visibility([
     "//apple/internal/...",
 ])
 
-# TODO: b/449684779 - Stand up a solution for allowing arm64e as a target arch in a transition when
-# building for devices. Simulators don't have adequate support yet (FB20484613), so consider
-# fail-ing or warning until that's resolved.
-
 # The name of the secure feature that's required for opting into any set of enhanced security
 # features on Xcode 26.0 or later.
 #
@@ -149,7 +145,7 @@ def _entitlements_from_secure_features(
         secure_features,
         xcode_version):
     if not secure_features:
-        return []
+        return {}
 
     for feature_name in secure_features:
         if not feature_name.startswith("apple."):
@@ -179,7 +175,7 @@ attempting to explicitly disable the feature via minus prefixed feature names, s
     # Check that we're building with Xcode 26.0 or later. If not, return an empty list to signal
     # that no entitlements are supported or needed for this build.
     if not xcode_version >= apple_common.dotted_version("26.0"):
-        return []
+        return {}
 
     # Build a set of all of the entitlements that are required by the requested secure features.
     required_entitlements = dict()
@@ -191,7 +187,33 @@ attempting to explicitly disable the feature via minus prefixed feature names, s
 
     return required_entitlements
 
+def _environment_archs_from_secure_features(
+        *,
+        enable_wip_features,
+        environment_archs,
+        secure_features):
+    # TODO: b/449684779 - Migrate users to secure_features behind an allowlist when it's ready for
+    # onboarding. Remove this "enable_wip_features" check once pointer_authentication is onboarded.
+    if not enable_wip_features:
+        return environment_archs
+
+    # Leave environment_archs as-is if pointer_authentication is explicitly requested, since we can
+    # assume that arm64e does not need to be removed from the list of architectures to build for.
+    if "pointer_authentication" in secure_features:
+        return environment_archs
+
+    # TODO: b/449684779 - Simulators don't have adequate support yet (FB20484613), so further
+    # consider fail-ing or warning if we have arm64e + simulator + pointer_authentication until
+    # that's resolved.
+
+    return [
+        environment_arch
+        for environment_arch in environment_archs
+        if not environment_arch.endswith("arm64e")
+    ]
+
 secure_features_support = struct(
     crosstool_features_from_secure_features = _crosstool_features_from_secure_features,
     entitlements_from_secure_features = _entitlements_from_secure_features,
+    environment_archs_from_secure_features = _environment_archs_from_secure_features,
 )