Override for "unsafeFlags" in Swift Package Manager?

Is there a setting we can add to a package, framework, or app, so that it's allowed to depend on packages that use "unsafeFlags"?


Swift Pacakage Manager allows a package manifest (Package.swift) file to specify build settings for targets.

As a security measure, some build settings can only be specified using "unsafeFlags" parameter. For example, specifying a framework search path outside the current directory using the -F build flag is considered "unsafe" because it could lead to code execution outside the package's own directory.

For packages downloaded from the internet, this could be considered an undesirable behavior. However, for locally-declared packages, this could be what we want to do.

However the design of SPM is such that any package that uses "unsafeFlags" cannot be depended on by another package, regardless of whether that package came from the internet, or was locally declared (in which case, you control it, so you don't need this kind of security measure).

So is there any override for when we want to use unsafeFlags somewhere in a dependency structure of various locally-declared Swift packages?

In my particular use case, we're using Swift Packages not for distributing software, but just as a replacement for Xcode project files, because Xcode project files are a constant source of annoying merge conflicts.


unsafeFlags are allowed for SPM dependencies specified with a commit hash instead of a version. More details and an example at SPM with custom module map by paulb777 · Pull Request #460 · erikdoe/ocmock · GitHub

We use a monorepo. All of our packages are local to the monorepo. I.e. they don't have individual, separate commit hashes. We just use a directory "path" to reference them.

Whenever I try to use unsafeFlags then I get build errors. We're using all local paths to reference our packages.

Does that mean we can't override the unsafeFlags? I.e. are local packages referenced with "path" not under the same rule as ones referenced with a commit hash?

As an update, when I use unsafe flags in local packages, the app cannot be built. We get the following error when building Framework targets that link to local package targets with unsafe flags:

The package product 'REDACTED' cannot be used as a dependency of this target because it uses unsafe build flags.

From what I can tell, this must be a bug, because the intent of unsafe flags was that they should be able to be used in local packages with no issues.

Or is there some... secret Xcode project build parameter to get unsafe local packages to build?

The workaround is to make a separate local Swift package that has no unsafe flags, which depends on the unsafe local package. And then import that, into yr xcproj's. As mentioned elsewhere you may need to @_exported import the wrapped, unsafe one in a shim file of the save one.

Hopefully they patch this, because it feels like an ugly hack, but at least there's a workaround.

1 Like

Related StackOverflow: ios - Swift package dependency with unsafe build flags: target integrity error - Stack Overflow

Terms of Service

Privacy Policy

Cookie Policy