You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Code signing for XCFrameworks within a published app is becoming mandatory (right now breaking that requirement only shows warnings, see GH-3740). Developers can self-sign in order to ensure submission works correctly. However, as SDK distributor, we should adopt codesigning so that users can verify authenticity of the prebuilt binary frameworks they are using.
To be considered:
certs used to sign signatures expire and can be revoked - this means signatures can become invalid in the future and builds will break. there is currently no safe way around this other than re-signing and re-distributing the SDK
Description
Code signing for XCFrameworks within a published app is becoming mandatory (right now breaking that requirement only shows warnings, see GH-3740). Developers can self-sign in order to ensure submission works correctly. However, as SDK distributor, we should adopt codesigning so that users can verify authenticity of the prebuilt binary frameworks they are using.
To be considered:
Related: #3740
The text was updated successfully, but these errors were encountered: