Hello,

According to Upcoming third-party SDK requirements, starting this spring, iOS apps using BoringSSL or OpenSSL need to have a Privacy manifest file when submitted to the App Store.

It seems like there's some related C code in swift-crypto (CCryptoBoringSSL). I'm not entirely sure if this calls for a Privacy manifest, but I'm curious if there are any plans to include such a file.

Good call-out, we should add such a manifest here.

In this instance the manifest is purely empty so this is easy for us to do.

@Lukasa
Thanks.

I'm using swift-certificate, and it requires Privacy manifest support for both swift-crypto and swift-asn1, the libraries it depends on.

It seems like you might be involved with both of swift-certificate, swift-asn1 as well, but just to confirm, I'll leave identical issues for each of repo.

It's my understanding that there is no need to provide privacy manifest files for those targets: they're only necessary in cases where the privacy manifest would not be empty, or when we're specifically distributing one of the listed SDKs.

You are right. I think i was a bit confused. But since swift-certificate has a dependency on swift-crypto, I thought that if a private manifest is added to swift-crypto, it would be necessary to update the version of swift-crypto in swift-certificate.

swift-certificates only expresses a minimum requirement. When we ship an update, a simple package resolution should cause the update to be taken on your end.