Skip to content

feat: add security.json initialization as default with anchor init and integrate program-metadata to deploy the security file on-chain#4177

Open
BretasArthur1 wants to merge 7 commits into
otter-sec:masterfrom
BretasArthur1:feat/security-metadata
Open

feat: add security.json initialization as default with anchor init and integrate program-metadata to deploy the security file on-chain#4177
BretasArthur1 wants to merge 7 commits into
otter-sec:masterfrom
BretasArthur1:feat/security-metadata

Conversation

@BretasArthur1

@BretasArthur1 BretasArthur1 commented Jan 12, 2026

Copy link
Copy Markdown
Contributor

Description

  • Add as default the initialization of the security.json file under the root dir with default template.
  • Integrate under the anchor program deploy the possibility to deploy the security.json file on-chain with the program-metadata-program
  • Fix a CLI comment reflecting the actual implementation of the Verify feature ( I missed it when I implemented the Verify tool)

Tests

File generated :
Screenshot 2026-01-12 at 12 14 51 AM

File deployed
Screenshot 2026-01-12 at 12 09 57 AM

@vercel

vercel Bot commented Jan 12, 2026

Copy link
Copy Markdown

@BretasArthur1 is attempting to deploy a commit to the Solana Foundation Team on Vercel.

A member of the Team first needs to authorize it.

@BretasArthur1

Copy link
Copy Markdown
Contributor Author

Should we have a fetch security using pmp as well? (Open question)

@Woody4618 Woody4618 left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nice!

Comment thread cli/src/program.rs Outdated

@jamie-osec jamie-osec left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you use/refactor the existing PMP machinery?

@BretasArthur1

Copy link
Copy Markdown
Contributor Author

Can you use/refactor the existing PMP machinery?

Ok!

@BretasArthur1 BretasArthur1 requested a review from jamie-osec June 8, 2026 23:59
@BretasArthur1 BretasArthur1 force-pushed the feat/security-metadata branch from 86df751 to 9f0028a Compare June 9, 2026 00:01
Comment thread cli/src/rust_template.rs Outdated
Comment thread cli/src/metadata.rs Outdated
@jamie-osec

Copy link
Copy Markdown
Collaborator

Also can you please fix the conflicts 😁

@BretasArthur1 BretasArthur1 requested a review from jamie-osec June 27, 2026 16:43
@BretasArthur1 BretasArthur1 force-pushed the feat/security-metadata branch from c120cc3 to dec720b Compare June 27, 2026 16:50
@BretasArthur1

BretasArthur1 commented Jun 27, 2026

Copy link
Copy Markdown
Contributor Author

Hey @jamie-osec, I introduced a new MetadataCommand agnostic enum, unifying the running logic and added a new SecurityCommand enum as well to handle the security metadata machinery. Both Idl and Security now use the same running logic from MetadataCommand status() and they introduce a new method in both SecurityCommand and IdlSubcommandKind to transform them into a MetadataCommand variant.

Comment thread cli/src/lib.rs Outdated
Comment thread cli/src/lib.rs Outdated
@jamie-osec

Copy link
Copy Markdown
Collaborator

LGTM aside from the comments

@BretasArthur1

Copy link
Copy Markdown
Contributor Author

addressing both asap

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants