-
Notifications
You must be signed in to change notification settings - Fork 215
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[URGENT] Update SDWebImage dependency for Apple Privacy #310
Comments
Why ? See our demo's Podfile.lock
|
I don't think SDWebImageSwifUI |
@dreampiggy I don't understand your last comment? I'm getting the following when I upload now. Not sure if it is because of SDWEBImage, but I've added the PrivacyInfo for my app. ITMS-91053: Missing API declaration - Your app’s code in the “UntitledBarracks” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api. ITMS-91053: Missing API declaration - Your app’s code in the “UntitledBarracks” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api. |
Is your project issue. Maybe your min deployment version is wrong. The demo shows that "we can always get the new version" |
We have a similar problem. We only use SDWebImageSwiftUI and Apple is complaining about the missing API declaration. Apple complains about |
What linkage did you use ? For dynamic linkage, each framework use its own symbol. For static linkage, each framework share the same symbol. So maybe you need to declare |
We use swift package manager. I don't know wether spm packages are statically or dynamically linked. |
Is that final package actually contains the Maybe the issue is that SDWebImage does not get recognized contains a valid manifest |
I means, the final package (.ipa) That SDWebImage's I checked again, seems the syntax is correct as Apple's forum suggestion ? https://github.com/SDWebImage/SDWebImage/blob/master/Package.swift#L35 |
well, it doesn't. That's the point. The report only lists our own declared reasons and not the ones SDWebImage uses. |
Why? Any different between this syntax |
I guess this is SwiftPM only problem, marked as label here. And you can firstly test using CocoaPods or manural archive (using Carthage build for exmaple) |
We don't have CocoaPods nor Carthage in our project, so I am not able to test this easily. |
I believe that we were able to use the correct version of SDWebmage without any changes to this component by setting the explicit SDWebImage dependency to the necessary version in the SPM settings. With that additional dependency definition in place, we do not see the privacy warnings when uploading builds to Apple. |
Can you provide what that looks like because I'm still getting warned on this privacy issue using SPM. |
We are using xcodegen, so I'm not 100% sure of how this would look with a standard SPM integration, but we have the following dependencies defined:
This setup makes use of the correct version of SDWebImageSwiftUI, while bumping SDWebImage itself up to the latest version. |
I'm not sure if there was additional work. We had to have our own privacy manifest set up, so it's possible we resolved our warnings by adding that. |
That looks to be about what I would expect. I'm not sure what else would be missing outside of for some reason the file not being included I the final build. Sorry I can't help much more here. |
Adding SDWebImage 5.19.1 via SPM as an explicit dependency to the project does not resolve the issue. I am still getting the privacy issue. I don't know what to do other than manually copying the reasons that SDWebImage declares and put them into our own privacy manifest file. |
When using our repo's own Demo ( click archive, I can see the xcarchive, and the App bundle actually contains the @ginnheimerCoder Does your final app or ipa not contains this file ? |
Using the same tree command, it only shows our own PrivacyInfo file under the root directory of the app. There is no |
I re-added SDWebImageSwiftUI (removed it from Package Dependency and re-added it) and now using the tree command, the |
So, what's actually needed ? The privacy info already bundled in your App. See: https://forums.developer.apple.com/forums/thread/734971 |
On the Apple forum, nobody mentions the use of SPM. I think this is an SPM issue. |
There are no different if you use I guess when you use |
what exactly do you mean when you say "use .framework bundle"? I just included the package via Swift Package Manager. Nothing more. What do I need to change? |
So it seems like the issue has been resolved on the apple side. I uploaded a new build (with no changes to the privacy issue) and up until now I haven’t received the privacy issue e-mail. |
SPM does not use It use If you still face the issue, maybe using other package manager, or tweak SPM to use binary framework dependency of SDWebImage is the only way. See more: https://github.com/firebase/firebase-ios-sdk/blob/main/docs/firebase_in_libraries.md#introduction |
If Apple's tool is stupid on |
There is a deadline coming up where Apple requires all usage of SDWebImage to include xcprivacy files. That was added in the 5.18.7 release: https://github.com/SDWebImage/SDWebImage/releases/tag/5.18.7
However, SDWebImageSwiftUI has no way to use the new version, so it's not currently possible to get the required version.
Apple will stop accepting uploads without this file starting on May 1, 2024, so this update needs to be made very soon to allow time to integrate and test the dependency update.
The text was updated successfully, but these errors were encountered: