Add privacy manifest #148
the additions all seem reasonable to me
We got rid of |
Thanks for adding this!
<string>NSPrivacyAccessedAPICategoryFileTimestamp</string> | ||
<key>NSPrivacyAccessedAPITypeReasons</key> | ||
<array> | ||
<string>C617.1</string> |
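Review bot: on the NSPrivacyAccessedAPICategoryFileTimestamp entry, please add a short XML comment naming the call site that needs C617.1 (the contentModificationDateKey lookup for the bug report attachment). That reason only covers metadata of files inside the app container, app group container, or CloudKit container, and a pointer to the call site lets a later reader confirm the file listing stays within that scope.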
Declare this reason to access the timestamps, size, or other metadata of files inside the app container, app group container, or the app’s CloudKit container.
Seems right 👍
<string>NSPrivacyAccessedAPICategoryDiskSpace</string> | ||
<key>NSPrivacyAccessedAPITypeReasons</key> | ||
<array> | ||
<string>7D9E.1</string> |
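Review bot: on the NSPrivacyAccessedAPICategoryDiskSpace entry, document next to 7D9E.1 that it is valid only while the disk space data is displayed to the user in the report and leaves the device only when they choose to submit it. An XML comment is enough, and it tells anyone who later reads disk space outside the bug report flow that they need to declare their own reason instead of relying on this one.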
Declare this reason to include disk space information in an optional bug report that the person using the device chooses to submit. The disk space information must be prominently displayed to the person as part of the report.
Information accessed for this reason, or any derived information, may be sent off-device only after the user affirmatively chooses to submit the specific bug report including disk space information, and only for the purpose of investigating or responding to the bug report.
Yep 👍
This adds a privacy manifest to the library that declares the reasons for using sensitive APIs. This is a new requirement by Apple and will start being enforced in spring 2024. Any app that consumes Aardvark would get this privacy manifest and doesn't need to redeclare the library's usage of sensitive APIs.
Out of all sensitive APIs marked by Apple, Aardvark uses 1 file timestamp API, 4 disk space APIs, and the
UserDefaults
.Timestamp API
When a bug report is being filed, one of the email attachments lists some files from the app container along with their last modified date. contentModificationDateKey is used here to fetch those dates, which are visible to users in the attachment itself. Below is an example.
This qualifies as reason C617.1 which states:
File size APIs
Also when a bug report is being filed, in the same attachment as above, disk information is included. This is done here and makes use of the following sensitive APIs:
Below is an example of what this looks like:
This qualifies as reason 7D9E.1 which is specific to filing bug reports and states:
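An added example, not part of this PR or the Aardvark code base: a Python check that a CI job could run over the privacy manifest to confirm it declares exactly the categories and reason codes reviewed in this thread. The sample manifest is constructed from the two entries visible in the diff, and `audit_manifest` and `APPROVED` are hypothetical names.

```python
import plistlib

# Constructed sample manifest, built from the two entries visible in this PR's diff.
SAMPLE_MANIFEST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>NSPrivacyAccessedAPITypes</key>
  <array>
    <dict>
      <key>NSPrivacyAccessedAPIType</key>
      <string>NSPrivacyAccessedAPICategoryFileTimestamp</string>
      <key>NSPrivacyAccessedAPITypeReasons</key>
      <array><string>C617.1</string></array>
    </dict>
    <dict>
      <key>NSPrivacyAccessedAPIType</key>
      <string>NSPrivacyAccessedAPICategoryDiskSpace</string>
      <key>NSPrivacyAccessedAPITypeReasons</key>
      <array><string>7D9E.1</string></array>
    </dict>
  </array>
</dict></plist>"""

# Assumption: the reasons approved in this review thread are the complete approved set.
APPROVED = {
    "NSPrivacyAccessedAPICategoryFileTimestamp": {"C617.1"},
    "NSPrivacyAccessedAPICategoryDiskSpace": {"7D9E.1"},
}

def audit_manifest(data, approved=APPROVED):
    """Return a list of findings; an empty list means the manifest matches the approved set."""
    findings, declared = [], {}
    for entry in plistlib.loads(data).get("NSPrivacyAccessedAPITypes", []):
        category = entry.get("NSPrivacyAccessedAPIType", "<missing type>")
        reasons = set(entry.get("NSPrivacyAccessedAPITypeReasons", []))
        if category in declared:
            findings.append(f"duplicate entry: {category}")
        declared[category] = reasons
        if not reasons:
            findings.append(f"no reasons declared: {category}")
        if category not in approved:
            findings.append(f"unreviewed category: {category}")
        else:
            for reason in sorted(reasons - approved[category]):
                findings.append(f"unreviewed reason {reason}: {category}")
    for category in sorted(set(approved) - set(declared)):
        findings.append(f"approved category not declared: {category}")
    return findings
```

A non-empty result is a prompt to re-review the manifest against the code paths that touch the declared APIs, since a reason code added without review may not match what the library actually does with the data.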