Security is at the heart of a healthy and dependable software ecosystem, and therefore also at the heart of the SSWG. The pages linked from this section are intended to provide clear and simple guidance for both users and developers of packages listed in the SSWG’s package index.

Available information

The information is split into different scenarios, depending on what brings you here. Each piece of information is supposed to be self-contained, so please select the most appropriate one. If your situation isn’t covered, please get in touch with the SSWG on the forums. If you’re just curious, feel free to read it all at once 😊.

• If you found (or suspect you did) a security vulnerability in any of the packages incubated by the SSWG and listed on the SSWG package index, have a look at the information regarding reporting a security vulnerability.
• If you are a package maintainer and received a report of a (suspected) security vulnerability, check out our guidance around receiving notice of a security vulnerability.
• If you are a package maintainer of any of the incubated projects or are thinking about pitching/proposing for your package to be listed, please find information about the package security requirements.

Anything missing?

To report any missing, unclear, or misleading information, or any other concerns, please contact any member of the SSWG. You can also create a post in the server area of the Swift Forums.