■About SDK signature
Regarding the "Upcoming third-party SDK requirements" announced on December 7th, the method for signing only .XCFramework is described below.
https://developer.apple.com/documentation/Xcode/verifying-the-origin-of-your-xcframeworks
Could you please tell me how to sign for each of the following cases of how to embed a third-party SDK (hereinafter referred to as SDK) in a format other than the above (other than .XCFramework)?
Case 1: SDK signature method when the SDK source code itself is embedded in the app itself (Reachability etc.)
Case 2: SDK signing method for .framework
■About the description of “Upcoming third-party SDK requirements” in the 12/7 announcement
https://developer.apple.com/support/third-party-SDK-requirements/
Does the following sentence on the above page mean ① or ② in the following understanding?
English "Signatures are also required in these cases where the listed SDKs are used as binary dependencies."
Japanese: "Signing is also required when the SDKs listed below are used as binary dependencies."
Understanding 1: SDK signature is required only if the SDK is used as a binary dependency
Understanding ②: An SDK signature is required not only when the SDK is binary dependent, but also when using other methods (such as an embedding method where the SDK source code itself is placed)
■How to incorporate privacy manifest for SDK by app developer
In the case of SDKs such as AFNetworking and Reachability, whose repositories are frozen and there is currently no hope that a version compatible with manifest files will be released, is it possible to release the application even if the application developer takes the following steps?
Countermeasure No. 1: When integrating with Cocoapods, place PrivacyInfo.xcprivacy directly under the Pods/SDK directory
Countermeasure 2: Add SDK information to the app's privacy manifest
■About the content you answered last time
"Question 3.1: APIs that require a reason / Question 3.2: APIs that require a reason / Question 5: Third party > - About the SDK used in the SDK
Since our department does not have this information, please use the forum site below where you can exchange information with developers and our engineers.
We have also posted on the forum as shown in the URL below, but we have not received any responses.
https://developer.apple.com/forums/thread/741961
https://developer.apple.com/forums/thread/743329
If we do not receive a response at this time, our company will be unable to develop and provide services, so would it be possible for you to respond by the end of December?