Support Privacy Manifest

Question

Support Privacy Manifest

benMohamed opened this issue a year ago · 13 comments

I'm getting emails back from Apple about this because your library is not compliant.

ITMS-91053: Missing API declaration - Your app’s code in the “YourApp” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

Answer 1 · 2024-03-16T00:49:52.000Z

What keychain-swift version are you using? The privacy manifest has been included in version 21.

Answer 2 · 2024-03-16T10:47:36.000Z

Yes, I use version 21.0.0, I think your privacy should contain that key "NSPrivacyAccessedAPICategoryUserDefaults"

Answer 3 · 2024-03-16T14:09:33.000Z

This library does not use any of the API that are required for declaration, including UserDefaults.

See https://github.com/evgenyneu/keychain-swift/blob/master/Sources/PrivacyInfo.xcprivacy

The NSPrivacyAccessedAPICategoryUserDefaults is the value of NSPrivacyAccessedAPIType key in the dictionary inside NSPrivacyAccessedAPITypes array, which is empty for this library, since we are not using any APIs required for declaration

Answer 4 · 2024-03-16T14:26:18.000Z

in my app, the only library I use is KeychainSwift. Therefore, I believe you need to verify this key. You can create an empty project with only your library, then try to publish it. You will receive the same email automatically.

Answer 5 · 2024-03-17T15:04:20.000Z

Just FYI. Here's how I express this in my project. Apple hasn't nagged me about it (yet). Their documentation leaves a bit to be desired, but I think I got it right.

Answer 6 · 2024-03-18T16:56:12.000Z

please, @ChrisMarshallNY What does <string>CA92.1</string> mean ?

Answer 7 · 2024-03-18T18:12:11.000Z

That's the value that says basically that you are using it the way it says on the tin. It's like the "NO" thing in the uses encryption.

It might very well apply, here. Like I said, their documentation is ... sparse.

Answer 8 · 2024-03-19T14:17:36.000Z

thank you @ChrisMarshallNY

Answer 9 · 2024-04-03T13:10:27.000Z

@evgenyneu Here is PR that adds manifest to the pod spec, without it manifest file is missing in the framework we build via cocoapods
#188

Answer 10 · 2024-04-15T10:51:59.000Z

@evgenyneu I created this PR to fix the privacy file issue

Answer 11 · 2024-04-22T07:00:02.000Z

@benMohamed

At present, the privacy file of version 22.0 is imported directly instead of bundle, causing a conflict with the privacy name of the project itself.

"resources": "Sources/PrivacyInfo.xcprivacy" should be modified to

"resource_bundles": {
"KeychainSiwft": [
"Source/PrivacyInfo.xcprivacy"
]
}

Answer 12 · 2024-04-25T22:50:33.000Z

@benMohamed

At present, the privacy file of version 22.0 is imported directly instead of bundle, causing a conflict with the privacy name of the project itself.

"resources": "Sources/PrivacyInfo.xcprivacy" should be modified to

"resource_bundles": { "KeychainSiwft": [ "Source/PrivacyInfo.xcprivacy" ] }

@DeanCarter @benMohamed @evgenyneu I have same issue. any idea to solve it?

ISSUE

Multiple commands produce '/Users/me/Library/Developer/Xcode/DerivedData/sharetec-aytxuukqkljfgpgqfcpiagtdqwwo/Build/Products/Debug-iphonesimulator/MyApp.app/PrivacyInfo.xcprivacy'

Answer 13 · 2024-04-26T02:06:58.000Z

@DeanCarter thanks, I updated podspec to use the resource_bundles as you suggested. Available in version 24.