Issue with 'Multiple precompiled assemblies with the same name Google.Protobuf.dll'

[plaarakkers-trifork]

Hello,

We are running in an issue when we are using the barracuda package in combination with the media pipe package (https://github.com/homuler/MediaPipeUnityPlugin). That package is build and installed as a file package and the barracuda package from a github link.

When Unity resolves the packages this results in an error message about Multiple precompiled assemblies with the same name Google.Protobuf.dll in the Runtime/Plugins folder in package cache for the barracuda package in combination with the Runtime/Plugins for the mediapipe package.

A workaround for us now seems to be to also use the file installation for the needed version of barracuda and remove the Google.Protobuf from the Runtim/Plugins from a github download. This results in a custom version for the barracuda package with possible future upgrade issues and where we are not sure what we are missing without the Google.Protobuf.

Reproduce steps:

• Build the package from https://github.com/homuler/MediaPipeUnityPlugin and add this to a Unity project.
• Add the Barracuda package.
• When resolving everything the result is the error message about the multiple precompiled assemblies.

[mantasp]

This is expected collision with 3rd party packages that include the same library and current solution is to remove duplicate library either from Barracuda or from other package.

[djee-ms]

Hi @mantasp,

Please reopen this issue and reconsider.

By shipping a Unity package with a NuGet DLL in it, especially one as famous as Google's ProtoBuf which increases the chances of collision, you're blocking all other packages out there and all user projects, with no actionable way for users to solve this issue. As you stated, the solution is to remove the DLL from Barracuda, which users can't do. The alternative is to keep the DLL you ship, which is not possible for 2 reasons:

1. You're forcing a specific version of that DLL (3.9.1 as of your 3.0.0 release) which is 3 years old (!), is unlikely to be compatible with the one that another library or a user project intended to use (for example, it's incompatible with code generated by the latest release 3.21.x).

2. You're preventing them from upgrading to another version, which is a security issue. You're shipping 3.9.1 which is marked on nuget.org has having one vulnerability with high severity. Here's the Advisory: https://github.com/advisories/GHSA-77rm-9x9h-xj3g This is both dangerous for your users and will prevent any project from any company with a security policy regarding vulnerabilities from using your package.

[tichise]

This also occurred in my environment. This problem is a problem every time I use multiple Google libraries.

[RatkoJ]

Just to re-raise this issue. I am currently stuck with the exact problem that @djee-ms describes.

1. I cannot remove the Protobuf DLL from Barracuda.
2. I cannot use the Barracuda-supplied Protobuf DLL because the existing code generated using 3.23 doesn't compile.

What is the recommended solution here?

EDIT: I was able to remove the whole Protobuf folder from Library/PackageCache/com.unity.barracuda... This is a temporary hack since every dev has to make this change manually.