Canonical has created a new notification mechanism for Snap developers to notify them when new Ubuntu security updates that affect their Snaps published in the Snap Store are available.

If you're a Snap app developer, you'll be glad to know that Canonical will now send you alerts via email everytime new Ubuntu Security Notices (USNs) are published and contain details about security fixes for the staged packages in the Snap. This will work only if you use "stage-packages" in Snap's snapcraft.yaml configuration file.

"Once a day, the service examines snaps that have manifest.yaml files for their currently published channels/tracks and checks whether USNs have been issued for the versions of the staged packages in the snap. If any snap revisions are affected, the tool will generate a report to send via email," said Canonical in a blog post.

Making Snaps even more secure

Snaps are already secure by design, as they run as containerized software packages isolated from the rest of the host system. On top of that, they automatically update themselves, are simple to install without the hustle of countless dependencies. However, Canonical's new security alerts for developers make them even more secure.

If you're a Snap developer with Snaps published on the Snap Store, you might want to opt-in to receive these security notification when new Ubuntu Security Notices are published and update your Snaps by including a snap/manifest.yaml file in your Snap package, which can be generated automatically if you're building on Launchpad.

You can also manually set the SNAPCRAFT_BUILD_INFO=1 environment variable on building a Snap package to have the snap/manifest.yaml file inserted into the Snap before packaging the app with the Snapcraft tool. By default, alerts will be sent to your registered email address. Below is an example of such email alert.