keychain-swift icon indicating copy to clipboard operation
keychain-swift copied to clipboard

Published 20 hours ago verified publisher icon evgenyneu

Apple Privacy Manifest and Signing.

Open JLLA113 opened this issue 6 months ago • 2 comments

Hi,

Here with a possible issue or doubt.

Related to the Privacy Manifest I see that version 21.0.0 supports Privacy Manifest, but also Apple says that is mandatory to sign the sdk by the developer.

"Signatures are also required when the SDK is used as a binary dependency. This functionality is a step forward for all apps, and we encourage all SDKs to adopt it to better support the apps that depend on them."

Is it planned to integrate that?

Reference: https://developer.apple.com/news/?id=r1henawx

Thanks

JLLA113 avatar Feb 01 '24 22:02 JLLA113

If signing is required then yes. Anyone knows how to sign a library?

evgenyneu avatar Feb 01 '24 23:02 evgenyneu

I don't think that you should sign, unless you are delivering a binary (usually in releases). The binary can be signed in the usual way. I believe that most open-source projects do this anyway.

Otherwise, the Git tags and commit hashes can provide a pretty good signing. I think that it may be possible to do more intense tags, but I've never bothered.

ChrisMarshallNY avatar Feb 04 '24 14:02 ChrisMarshallNY