Code signing for the open source SDKs

This endeavour is focused on SDKs distributed as binaries. It currently has no impact on libraries that you build from source. From the perspective of this effort, code that you build from source is the same as your code.

Note that most folks access open source libraries using Git, and Git has its own mechanism for handling source code integrity and signing.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi @eskimo ! Thanks for the reply!

What about privacy manifest in this case? Should the open-source SDK include its own manifest, or should it just provide (in the README) the values for the respective nutrition labels and tracking domains to app developers so they add values to the app's privacy manifest manually?

I believe the open-source SDK should still have its own manifest, but I would like to confirm this.

Thanks in advance!

What about privacy manifest in this case?

I don’t know. I’ve not had cause to dig into the whole privacy manifest story; it’s handled by other folks here in DTS.

Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"

Hi @eskimo Is this also the case if we take the source code of let's say AFNetworking and build it into a binary dependency in our environment for our app to consume. Does this mean that we are able to provide our own privacymanifest and code signing?