App Store: still getting the "Missing API declaration" warnings
adario opened this issue · 11 comments
Platform
iOS
Environment
TestFlight
Installed
Swift Package Manager
Version
8.23.0
Did it work on previous versions?
Yes — I think it first happened in 8.20.0.
Steps to Reproduce
- Import Sentry in your
AppDelegate. - From the delegate's
application(_ application: UIApplication, didFinishLaunchingWithOptions launchOptions: [UIApplication.LaunchOptionsKey: Any]?)method, call the following function with any message:
private func sendEvent(message: String) {
let fp = "[some fingerprint]"
let event = Sentry.Event(level: .debug)
event.message = SentryMessage(formatted: message)
var fingerprint = event.fingerprint ?? []
if fingerprint.isEmpty {
fingerprint.append(fp)
} else {
fingerprint.insert(fp, at: 0)
}
event.fingerprint = fingerprint
SentrySDK.capture(event: event)
}
- Submit your app to TestFlight via Xcode (for both App Store and TestFlight distribution).
- Wait for the TestFlight processing completion.
- From App Store Connect, add a tester or a group to the new build, and submit it for review.
- Wait for the TestFlight review completion.
Expected Result
The TestFlight review should complete without warnings.
Actual Result
After the TestFlight review completes, App Store Connect sends the following email:
Although submission for TestFlight review was successful, you may want to correct the following issues in your next submission for TestFlight review. Once you've corrected the issues, upload a new binary to App Store Connect.
ITMS-91053: Missing API declaration - Your app’s code in the “[REDACTED]” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: Apple Documentation.
ITMS-91053: Missing API declaration - Your app’s code in the “[REDACTED]” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: Apple Documentation.
ITMS-91053: Missing API declaration - Your app’s code in the “[REDACTED]” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: Apple Documentation.
I thought this had been fixed in 8.21.0 or something like that...
Are you willing to submit a PR?
No response
Update: this still occurs with the latest release, 8.24.0 — same message from App Store Connect.
Hello @adario, thanks for reaching out.
We do have a privacy file in the framework, and as far as all our tests go, this is working, and no warning from Apple is being issued in our test app.
Your app’s code in the “[REDACTED]” file references
This redact part is pointing to Sentry Binary? Something like Sentry.framework?
Because each binary in the app bundle needs its own privacy manifest.
Hello @adario, thanks for reaching out. We do have a privacy file in the framework, and as far as all our tests go, this is working, and no warning from Apple is being issued in our test app.
Your app’s code in the “[REDACTED]” file references
This redact part is pointing to Sentry Binary? Something like
Sentry.framework? Because each binary in the app bundle needs its own privacy manifest.
No, [REDACTED] is the name of the app...
Because each binary in the app bundle needs its own privacy manifest
After more test, we found out that the manifest is not per binary but per target (app, widget, extensions).
Apple email will always point to the target with problem.
During this tests we send the app a few times to TestFlight with Sentry, and every time we use the framework from SPM we did not get an alert e-mail.
I have no more ideas what is happening to you @adario.
My suggestion is to include the PrivacyInfo.xcprivacy file into your app.
You can copy it from here.
Also, can you inspect your app bundle to see if there is a PrivacyInfo.xcprivacy inside /frameworks/Sentry.framework?
@brustolin thank you for your answers — a couple of comments inline:
Because each binary in the app bundle needs its own privacy manifest
After more test, we found out that the manifest is not per binary but per target (app, widget, extensions). Apple email will always point to the target with problem.
Yes, I understand the problem should be in the app, which does not contain widgets nor extensions.
During this tests we send the app a few times to TestFlight with Sentry, and every time we use the framework from SPM we did not get an alert e-mail.
I have no more ideas what is happening to you @adario.
Ok.
My suggestion is to include the
PrivacyInfo.xcprivacyfile into your app. You can copy it from here.
I will try to do that. but... won't that require me to update the Privacy information in App Store Connect?
Currently, in the Privacy data in App Store Connect I have declared the 'usage' and 'identifiers' items, applied to the 'not linked to you' section — would I need to declare other items in the Privacy data? I would really like to avoid doing that...
Also, can you inspect your app bundle to see if there is a
PrivacyInfo.xcprivacyinside/frameworks/Sentry.framework?
Looks like the .xcprivacy is in the framework as expected — I've attached a screenshot.
Thanks again.
I will try to do that. but... won't that require me to update the Privacy information in App Store Connect?
No. Privacy information in App Store is about data collect, not API usage. I also tried this suggestion and it worked. No change needed in Appstore connect.
Looks like the .xcprivacy is in the framework as expected — I've attached a screenshot.
If the information is there, Im out of ideas why Apple is tagging your app.
Please. let us know if copying the privacy file to your app solved the issue.
Please. let us know if copying the privacy file to your app solved the issue
This worked — I've manually added the privacy file in the app bundle: after submitting a TestFlight build, App Store Connect did not send any warnings...
Thanks for your support. :-)
For any Sentry's React Native users visiting this issue, you can find comprehensive guide for RN and Expo in our docs.
https://docs.sentry.io/platforms/react-native/data-management/apple-privacy-manifest/