Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

☂️ Support Privacy Manifest and Required APIs in iOS and macOS #143232

Open
3 of 9 tasks
jmagman opened this issue Feb 9, 2024 · 8 comments
Open
3 of 9 tasks

☂️ Support Privacy Manifest and Required APIs in iOS and macOS #143232

jmagman opened this issue Feb 9, 2024 · 8 comments
Assignees
@jmagman
Labels
a: plugins Support for writing, building, and running plugin packages P1 High-priority issues at the top of the work list team-ios Owned by iOS platform team triaged-ios Triaged by iOS platform team

Comments

@jmagman
Copy link
Member

jmagman commented Feb 9, 2024
edited

Umbrella issue to track the work to support privacy manifests (xcprivacy) across the engine, packages, 3p packages, tooling, etc.

From #131494:
Introduced in Xcode 15, Apple is now flagging specific APIs as needed a “Required Reason” to use. All usages of “Required Reason” APIs MUST be outlined in a Privacy manifest. A Privacy manifest is a document outlining how your app/SDK collects and uses a user’s data.

This is also time sensitive (https://developer.apple.com/news/?id=z6fu1dcu).

Starting in fall 2023, when you upload a new app or app update to App Store Connect that uses an API (including from third-party SDKs) that requires a reason, you’ll receive a notice if you haven’t provided an approved reason in your app’s privacy manifest. And starting in spring 2024, in order to upload your new app or app update to App Store Connect, you’ll be required to include an approved reason in the app’s privacy manifest which accurately reflects how your app uses the API.

https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_data_use_in_privacy_manifests
https://developer.apple.com/videos/play/wwdc2023/10060/
@jmagman jmagman added P1 High-priority issues at the top of the work list a: plugins Support for writing, building, and running plugin packages fyi-ecosystem For the attention of Ecosystem team team-ios Owned by iOS platform team triaged-ios Triaged by iOS platform team fyi-tool For the attention of Flutter Tool team labels Feb 9, 2024
@jmagman
Copy link
Member Author

jmagman commented Feb 9, 2024

Plugin authors: follow issue #131940 for updates to our understanding of how this should work. #131940 (comment)

@stuartmorgan stuartmorgan added the triaged-ecosystem Triaged by Ecosystem team label Feb 13, 2024
@flutter-triage-bot flutter-triage-bot bot removed fyi-ecosystem For the attention of Ecosystem team triaged-ecosystem Triaged by Ecosystem team labels Feb 13, 2024
@christopherfujino christopherfujino added the triaged-tool Triaged by Flutter Tool team label Feb 13, 2024
@flutter-triage-bot flutter-triage-bot bot removed fyi-tool For the attention of Flutter Tool team triaged-tool Triaged by Flutter Tool team labels Feb 13, 2024
@navaronbracke
Copy link
Contributor

navaronbracke commented Feb 15, 2024
edited

I might have a clue about the deadline. In an email that I received about an iOS application, Apple indicated

ITMS-90725: SDK version issue - This app was built with the iOS 16.4 SDK. Starting April 29, 2024, all iOS and iPadOS apps must be built with the iOS 17 SDK or later, included in XCode 15 or later, in order to be uploaded to be uploaded to App Store Connect or submitted for distribution.

It also does not specify MacOS, so I think our idea of that is also correct? (although, it could also be incorrect since this was for an iOS app)

@SputNikPlop
Copy link

It also does not specify MacOS, so I think our idea of that is also correct? (although, it could also be incorrect since this was for an iOS app)

I had to specify it for a macOS and tvOS app so I believe this will come to all platforms Apple supports.

@jmagman
Copy link
Member Author

jmagman commented Feb 17, 2024

I had to specify it for a macOS and tvOS app

@SputNikPlop Can you clarify? You had to specify what, and what mechanism made you specify it?

@SputNikPlop
Copy link

@SputNikPlop Can you clarify? You had to specify what, and what mechanism made you specify it?

We are accessing how much disk space is free which is a required reason api. Apple pointed us to https://developer.apple.com/documentation/bundleresources/privacy_manifest_files upon revision it is incorrect that we have to provide one for macOS in our app we provided one anyway to make it easier to use Apple's Privacy Nutrition labels should anything change in the future. I think it really came down to how we shared things cross platform, Apple really didn't tell us more but adding it passed the review. #143232 looks like the way to address it though

@darshankawar darshankawar mentioned this issue Mar 18, 2024
Open
@rajeshbdabhi

This comment was marked as off-topic.

Sign in to view
@andcea andcea mentioned this issue Mar 28, 2024
Open
@estebansalgado

This comment was marked as off-topic.

Sign in to view
@jmagman
Copy link
Member Author

jmagman commented Apr 5, 2024

#145269 (comment)

I would encourage anyone following this issue to read #131940 (comment), particularly the warning there.

I will be hiding any comments I encounter in the Flutter issue tracker that tell people to add arbitrary contents to a privacy manifest.

@rrpadilla rrpadilla mentioned this issue Apr 13, 2024
Merged
11 tasks
auto-submit bot pushed a commit to flutter/packages that referenced this issue Apr 16, 2024
@rrpadilla
[google_maps_flutter] update ios privacy manifest (#6511)
18c4ca4 
The installation instructions for Google Maps Platform SDKs for iOS now have download links and instructions for **manually** adding Privacy Manifest files for use with the latest versions of the SDKs. You can read more about this [here](googlemaps/google-maps-ios-utils#463 (comment)).

This PR synchronizes the iOS privacy manifest with the file provided by Google for the Maps SDK for iOS. 
The privacy manifest was downloaded from: [https://developers.google.com/maps/documentation/ios-sdk/config#add-apple-privacy-manifest-file](https://developers.google.com/maps/documentation/ios-sdk/config#add-apple-privacy-manifest-file).

As you can see in the new **[PrivacyInfo.xcprivacy](packages/google_maps_flutter/google_maps_flutter_ios/ios/Resources/PrivacyInfo.xcprivacy)** file Google Maps SDK is using the following **NSPrivacyAccessedAPITypes**:

- **NSPrivacyAccessedAPICategoryDiskSpace**
- **NSPrivacyAccessedAPICategorySystemBootTime**
- **NSPrivacyAccessedAPICategoryFileTimestamp**
- **NSPrivacyAccessedAPICategoryUserDefaults**

*Related issues:*
- [flutter/flutter/issues/145269](flutter/flutter#145269)
- [flutter/flutter/issues/143232](flutter/flutter#143232)
- [flutter/flutter/issues/131940](flutter/flutter#131940 (comment))

Fixes flutter/flutter#94491
@jmagman jmagman changed the title ☂️ Support Privacy Manifest and Required APIs in iOS ☂️ Support Privacy Manifest and Required APIs in iOS and macOS Apr 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jmagman jmagman

Labels
a: plugins Support for writing, building, and running plugin packages P1 High-priority issues at the top of the work list team-ios Owned by iOS platform team triaged-ios Triaged by iOS platform team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@stuartmorgan @jmagman @christopherfujino @estebansalgado @navaronbracke @rajeshbdabhi @SputNikPlop