A shell script used to analyze privacy manifests in the specified directory to ensure that your app complies with the App Store requirements.
If upgrading the SDK does not resolve privacy manifest issues or you wish to keep the project as is without migration, it is recommended to use the app_privacy_manifest_fixer based on the current analysis script to fix privacy manifest issues.
- Support analysis of API usage within any directory.
- Scan all source files (including
.h,.m,.mm,.c,.cc,.hpp,.cpp, and.swiftfiles) as well as binary files. - Automatically detect missing privacy manifest files and API declarations.
- Support for tagging commonly used SDKs.
- Provide API usage that could affect your app's privacy manifest.
- macOS:
Xcode Command Line Toolsinstalled.
You can try executing the following command to determine if your Mac device supports the script:
xcrun swift -versionIf the output after execution resembles the example below:
swift-driver version: 1.90.11.1 Apple Swift version 5.10 (swiftlang-5.10.0.13 clang-1500.3.9.4)
Congratulations! You are now ready to start using the script. Should you encounter any other issues, you can attempt to install Xcode Command Line Tools using the following command:
xcode-select --installsh analyser.sh <directory_path>Example output:
============================ Analyzing Runner Project ============================
💡 Found privacy manifest file(s): 1
[0] ./Runner/PrivacyInfo.xcprivacy
API usage analysis result(s): 0
✅ All required API reasons have been described in the privacy manifest.
======================== Analyzing CocoaPods Dependencies ========================
Analyzing FBSDKCoreKit 🎯 ...
💡 Found privacy manifest file(s): 3
[0] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-simulator/FBSDKCoreKit.framework/PrivacyInfo.xcprivacy
[1] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-maccatalyst/FBSDKCoreKit.framework/Versions/A/Resources/PrivacyInfo.xcprivacy
[2] ./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64/FBSDKCoreKit.framework/PrivacyInfo.xcprivacy
API usage analysis result(s): 3
[0] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64/FBSDKCoreKit.framework/FBSDKCoreKit
[1] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-maccatalyst/FBSDKCoreKit.framework/FBSDKCoreKit
[2] NSPrivacyAccessedAPICategoryUserDefaults:NSUserDefaults:./Pods/FBSDKCoreKit/XCFrameworks/FBSDKCoreKit.xcframework/ios-arm64_x86_64-simulator/FBSDKCoreKit.framework/FBSDKCoreKit
✅ All required API reasons have been described in the privacy manifest.
Analyzing DKImagePickerController 🎯 ...
⚠️ Missing privacy manifest file!
API usage analysis result(s): 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp:.modificationDate:./Pods/DKImagePickerController/Sources/DKImagePickerController/DKImageAssetExporter.swift
🛠️ Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp
Analyzing SDWebImage 🎯 ...
💡 Found privacy manifest file(s): 1
[0] ./Pods/SDWebImage/WebImage/PrivacyInfo.xcprivacy
API usage analysis result(s): 1
[0] NSPrivacyAccessedAPICategoryFileTimestamp:NSURLContentModificationDateKey,NSURLCreationDateKey:./Pods/SDWebImage/SDWebImage/Core/SDDiskCache.m
✅ All required API reasons have been described in the privacy manifest.
Analyzing Mantle ...
⚠️ Missing privacy manifest file!
API usage analysis result(s): 0
...
========================= Analyzing Flutter Dependencies =========================
Analyzing device_info_plus-9.1.0 🎯 ...
⚠️ Missing privacy manifest file!
API usage analysis result(s): 0
Analyzing shared_preferences_ios-2.1.1 🎯 ...
⚠️ Missing privacy manifest file!
API usage analysis result(s): 3
[0] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults,NSUserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/FLTSharedPreferencesPlugin.m
[1] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.h
[2] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.m
🛠️ Descriptions for the following required API reason(s) may be missing: 1
[0] NSPrivacyAccessedAPICategoryUserDefaults
...
========== Analysis completed! ⏰: 229s 💡: 6 ⚠️ : 30 🛠️ : 10 ✅: 6 🎯: 10 ===========
⚠️ 🛠️ https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
🎯 https://developer.apple.com/support/third-party-SDK-requirements
🔔 If the directory you are analyzing is the app project directory, your app's privacy manifest may be affected by these analysis results: 20
[0] NSPrivacyAccessedAPICategoryFileTimestamp:.modificationDate:./Pods/DKImagePickerController/Sources/DKImagePickerController/DKImageAssetExporter.swift
[1] NSPrivacyAccessedAPICategoryFileTimestamp:NSURLContentModificationDateKey,NSURLCreationDateKey:./Pods/SDWebImage/SDWebImage/Core/SDDiskCache.m
[2] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults,NSUserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/FLTSharedPreferencesPlugin.m
[3] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.h
[4] NSPrivacyAccessedAPICategoryUserDefaults:UserDefaults:./.symlinks/plugins/shared_preferences_ios/ios/Classes/messages.g.m
...
⚠️ 🛠️: When the privacy manifest of third-party SDKs is missing, please update the third-party SDKs or provide feedback to the developers.
If your app's code has the same issue, please refer to the following documents or video for resolution:
- Describing data use in privacy manifests
- Describing use of required reason API
- WWDC2023 - Get started with privacy manifests
🎯: Please promptly update these commonly used SDKs highlighted by the App Store. The complete list is from Upcoming third-party SDK requirements.
🔔: For non-dynamically linked libraries, they are fully copied into the executable file of the application bundle during compilation, which may result in unknown API usage when scanning the executable file of the application.
To pass the App Store review, you need to declare the APIs used by these non-dynamically linked libraries in your app's privacy manifest. You might feel confused as you are not sure where exactly these APIs are being used.
To address this confusion, the analyzer will list API usage that may affect your app's privacy manifest. Pay attention to it, as it will help you fill out the app's privacy manifest more accurately.
-c: Not to filter comments when scanning source code.
sh analyser.sh -c <directory_path>It is not recommended to enable this option for the accuracy of API scanning.
-d: Specify the directory where local dependencies are located (e.g., Vendor, ThirdParty, etc.).
sh analyser.sh -d <dependencies_directory_path> <directory_path>Local dependencies will be analyzed separately, just like dependencies from CocoaPods, SwiftPM, Carthage, and so on.
-e: Specify directory to exclude from analysis.
sh analyser.sh -e <excluded_directory_path> <directory_path>-i: Ignore dependencies during analysis.
sh analyser.sh -i <directory_path>This option is typically used for the analysis of Swift Package Manager projects. Please refer to: ios_swiftpm_example.
-v: Display verbose information.
sh analyser.sh -v <directory_path>sh analyser.sh <directory_path> > log.txt| Dependency Source | Example |
|---|---|
| CocoaPods | ios_example |
| Swift Package Manager | ios_swiftpm_example |
| Carthage | ios_carthage_example |
| Flutter | flutter_example |
| Application Bundle | Planned |
Use the tool to quickly generate a privacy access report for your app.
Most deprecated SDKs have been replaced by better alternatives. If you prefer not to migrate, consider using the app_privacy_manifest_fixer to resolve privacy manifest issues.
For the AFNetworking SDK, which is no longer actively maintained, you can resolve privacy manifest issues also by updating the source reference in your Podfile as shown below:
pod 'AFNetworking', :git => 'https://github.com/crasowas/AFNetworking.git'- The scanning of required reason APIs is implemented based on ios_17_required_reason_api_scanner.