New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rust-lld: error: duplicate symbol: security_txt #11
Comments
+1 on this, we're having exactly the same problem. this issue is quite old, this repo is still maintained? |
I see the issue. When using another smart-contract as dependency it also generates it's security.txt. Dependencies have to omit emitting the security.txt. Solana contracts already use the We have brainstormed a bit, but there doesn't seem to be a fool-proof solution for solving this automatically. So there isn't much we can do about that from the perspective from this crate. The decision to include or not include the macro always has to happen from the caller, and we cannot introspect if the parent is compiled with This aspect is currently lacking from the documentation, working on a pull-request to fix this, and make it very clear that if you expect to be included as dependency and have an exposed #[cfg(not(feature = "no-entrypoint"))]
security_txt! {
...
} Unfortunately, this issue means contracts that currently do not do this cannot be used as a dependency until they are updated. |
Thanks to the help of @w4rum, we've opened pull request on all relevant repositories we could find. Once they are merged, this issue should be solved. Closing for now. Please let me know if you still encounter this issue anywhere! |
Thank you for working out a solution @tlambertz , and thank you @w4rum implementing this fix over in nosana-ci/nosana-programs#2 ! Much appreciated! 🙏 |
When compiling multiple Anchor programs from the same workspace, we get this error.
Directory structure:
When we set the dependency in only 1 program we do not get the error.
Note; the error occurs when we
use
the crate and try the utilize the macro, like soEDIT
Upon further checking, it seems other programs inherit the security txt setting when they have dependency with a program that already has a security-txt
In below example,
program-2
inherits the security-txt settings fromprogram-1
and cannot set it's own. Also block explorers show the wrong entry.Are we doing something wrong, or is this unintended behaviour?
We would like to have a unique security report for each of our programs and have them depend on each other for CPI purposes.
Thanks in advance!
The text was updated successfully, but these errors were encountered: