False Alert of non-public symbols from Security.framework

Same problem here with a widely used class to access the keychain (KeychainItemWrapper.m). iOS version passed without issue, but the MacOS version failed due to Non-public API usage, looks like a false alarm but it needs to be fixed by Apple. I sent an email about this problem on 19 Feb, I got a response asking for screenshots(?!!) and I responded back yesterday and waiting for a solution. Let me know if you find a workaround.

ITMS-90338: Non-public API usage - The app references non-public symbols in Contents/MacOS/: _SecItemAdd, _SecItemCopyMatching, _SecItemDelete, _SecItemUpdate, _kSecAttrAccount, _kSecAttrDescription, _kSecAttrGeneric, _kSecAttrLabel, _kSecAttrProtocol, _kSecAttrServer, _kSecClass, _kSecClassInternetPassword, _kSecMatchLimit, _kSecMatchLimitOne, _kSecReturnAttributes, _kSecReturnData, _kSecValueData

I also ran into this problem. The iOS build runs without problems, the Mac Catalyst version throws an error:

ITMS-90338: Non-public API usage - The app references non-public symbols in Contents/Frameworks/Alamofire.framework/Versions/A/Alamofire: _SecCertificateCopyData, _SecCertificateCreateWithData, _SecPolicyCreateBasicX509, _SecPolicyCreateRevocation, _SecPolicyCreateSSL, _SecTrustCopyPublicKey, _SecTrustCreateWithCertificates, _SecTrustEvaluate, _SecTrustEvaluateWithError, _SecTrustGetCertificateAtIndex, _SecTrustGetCertificateCount, _SecTrustSetAnchorCertificates, _SecTrustSetAnchorCertificatesOnly, _SecTrustSetPolicies,The app references non-public symbols in Contents/Frameworks/GoogleUtilities.framework/Versions/A/GoogleUtilities: _SecTrustEvaluate,The app references non-public symbols in Contents/Frameworks/VK_ios_sdk.framework/Versions/A/VK_ios_sdk: _SecItemAdd, _SecItemCopyMatching, _SecItemDelete, _kSecAttrAccessible, _kSecAttrAccessibleAfterFirstUnlock, _kSecAttrAccount, _kSecAttrService, _kSecClass, _kSecMatchLimit, _kSecMatchLimitOne, _kSecReturnData, _kSecValueData,The app references non-public symbols in Contents/MacOS/Рынок Отношений: _SecItemAdd, _SecItemCopyMatching, _SecItemDelete, _SecItemUpdate, _kSecAttrAccessible, _kSecAttrAccessibleAfterFirstUnlock, _kSecAttrAccessibleAfterFirstUnlockThisDeviceOnly, _kSecAttrAccessibleAlways, _kSecAttrAccessibleAlwaysThisDeviceOnly, _kSecAttrAccessibleWhenPasscodeSetThisDeviceOnly, _kSecAttrAccessibleWhenUnlocked, _kSecAttrAccessibleWhenUnlockedThisDeviceOnly, _kSecAttrAccount, _kSecAttrApplicationTag, _kSecAttrGeneric, _kSecAttrKeyType, _kSecAttrKeyTypeRSA, _kSecAttrService, _kSecClass, _kSecClassIdentity, _kSecClassInternetPassword, _kSecClassKey, _kSecMatchLimit, _kSecMatchLimitAll, _kSecMatchLimitOne, _kSecReturnAttributes, _kSecReturnData, _kSecReturnPersistentRef, _kSecValueData. If method names in your source code match the private Apple APIs listed above, altering your method names will help prevent this app from being flagged in future submissions. In addition, note that one or more of the above APIs may be located in a static library that was included with your app. If so, they must be removed. For further information, visit the Technical Support Information at http://developer.apple.com/support/technical/

I am facing the same problem. Any news? Solutions? Workarounds?

I have the same issue with Alamofire 5

ITMS-90338: Non-public API usage - The app references non-public symbols in Contents/Frameworks/Alamofire.framework/Versions/A/Alamofire: _SecCertificateCopyData, _SecCertificateCreateWithData, _SecPolicyCreateBasicX509, _SecPolicyCreateRevocation, _SecPolicyCreateSSL, _SecTrustCopyPublicKey, _SecTrustCreateWithCertificates, _SecTrustEvaluate, _SecTrustEvaluateWithError, _SecTrustGetCertificateAtIndex, _SecTrustGetCertificateCount, _SecTrustSetAnchorCertificates, _SecTrustSetAnchorCertificatesOnly, _SecTrustSetPolicies.

I have the same issue using SAMKeychain. I've tried contacting Apple through several different support routes. Developer support, code leverl support, you name it. I'm having a VERY hard time getting any help or anyone to even acknowledge they understand or will pass this along to the App Store connect development team. Very disappointing.

They keep asking me to clear my web browser history, and this is supposed to be developer support!

♂

I just uploaded a new binary and now everything seems to works fine.

have also experienced this same problem.