Tag
swift-package-manager
Safeguard articles tagged "swift-package-manager" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Open Source Security
Swift Package Manager dependency resolution and pinning s...
SPM trusts mutable git tags, not signed artifacts. Here's how dependency resolution, Package.resolved integrity, and pinning gaps expose Swift apps to supply chain attacks.
Jan 30, 20266 min read
Open Source Security
Swift Package Manager vulnerability trends
Typosquats, thin CVE coverage, and an executable manifest format: inside the Swift Package Manager vulnerability trends security teams can't ignore.
Nov 10, 20257 min read
Open Source Security
How Snyk resolves CocoaPods and Swift Package Manager dep...
How Snyk parses Podfile.lock for CocoaPods and invokes the Swift toolchain to resolve Swift Package Manager dependencies when scanning iOS codebases.
Aug 21, 20257 min read