microsoft/appcenter-sdk-apple

Privacy manifest formats are invalid and use wrong codes

codewithmichael opened this issue · 2 comments

codewithmichael commented

Description

The provided privacy manifests have a number of issues:

  1. NSPrivacyCollectedDataTypePurposes takes an array of strings, not a string -- this is a problem for the provided NSPrivacyCollectedDataTypeCrashData, NSPrivacyCollectedDataTypePerformanceData, and NSPrivacyCollectedDataTypeOtherDiagnosticData collected data types, and appears to have been copy pasted across all provided manifests.
  2. The provided NSPrivacyAccessedAPICategoryFileTimestamp code of 35F9.1 is not valid for that API category. 35F9.1 is a code for the NSPrivacyAccessedAPICategorySystemBootTime category. Either the category needs to change or the code does.
  3. The provided NSPrivacyAccessedAPICategoryUserDefaults code of C56D.1 may only be used if your NSUserDefaults calls are within a simple wrapper function specifically designed to perform said task and only called when specifically requested by the parent application, but this is not the case. In the AppCenter source, NSUserDefaults is used in a number of places to directly load or change standardUserDefaults values -- notably inside applicationDidFinishLaunching: which runs automatically without direct developer request. The appropriate code to use here is likely CA92.1.
  4. Regarding bullet point 2, a binary scan of the 5.0.4 release using nm doesn't show any use of any of the APIs listed for NSPrivacyAccessedAPICategoryFileTimestamp or NSPrivacyAccessedAPICategorySystemBootTime. As a matter of fact, the only referenced documentation-required API appcenter-sdk-apple appears to use is NSUserDefaults. If these other APIs are used somewhere, could you please share where they are to determine what the proper codes should be?
DmitriyKirakosyan commented

@codewithmichael, thank you for the report! I have updated our PrivacyInfo files based on your notes. Please take a moment to review them.

Regarding the NSPrivacyAccessedAPICategoryFileTimestamp, the file Vendor/SQLite3/sqlite3.c utilizes the fstat API, which is specified as a reason for including NSPrivacyAccessedAPICategoryFileTimestamp. See https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278393.

codewithmichael commented

It all looks good to me.

Regarding the use of fstat, I still don't see it linked into the release binaries we downloaded for 5.0.4.
It may be getting filtered out based on compiler/flags -- still, better to be safe and I'd rather keep it in than not.

Thanks :)

  • 👍1