[Bug]: Create ITMS privacy manifest for Apple builds #2751

Closed
8 tasks done
orkun1675 opened this issue Mar 24, 2024 · 8 comments
Labels
bug Something isn't working triage

Comments

@orkun1675

Platform

Apple / Swift

Plugin

connectivity_plus, device_info_plus, package_info_plus, share_plus

Version

Various (all latest as of March 22)

Flutter SDK

3.19.4

Steps to reproduce

Apple now requires a privacy file for plugins/frameworks that access sensitive APIs. See: flutter/flutter#131940

Apple has published the list of commonly used Flutter packages that access these sensitive APIs but do not provide a privacy manifest: https://developer.apple.com/support/third-party-SDK-requirements/

It would be great if _plus plugins can remove calls to these sensitive APIs and/or create a privacy manifest where appropriate.

PS: Please feel free to close if there is already a bug tracking this. Thank you!

Code Sample

We noticed one or more issues with a recent submission for TestFlight review for the following app:

<APP NAME OMITTED>
Version <APP VERSION OMITTED>
Build <APP BUILD NUMBER OMITTED>
Although submission for TestFlight review was successful, you may want to correct the following issues in your next submission for TestFlight review. Once you've corrected the issues, upload a new binary to App Store Connect.

ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryDiskSpace. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategorySystemBootTime. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryUserDefaults. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

ITMS-91053: Missing API declaration - Your app’s code in the “Runner” file references one or more APIs that require reasons, including the following API categories: NSPrivacyAccessedAPICategoryFileTimestamp. While no action is required at this time, starting May 1, 2024, when you upload a new app or app update, you must include a NSPrivacyAccessedAPITypes array in your app’s privacy manifest to provide approved reasons for these APIs used by your app’s code. For more details about this policy, including a list of required reason APIs and approved reasons for usage, visit: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api.

Apple Developer Relations

Logs

N/A

Flutter Doctor

N/A

Checklist before submitting a bug

  • I searched issues in this repository and couldn't find such bug/problem
  • I Google'd a solution and I couldn't find it
  • I searched on StackOverflow for a solution and I couldn't find it
  • I read the README.md file of the plugin
  • I'm using the latest version of the plugin
  • All dependencies are up to date with flutter pub upgrade
  • I did a flutter clean
  • I tried running the example project
@orkun1675 orkun1675 added bug Something isn't working triage labels Mar 24, 2024
@orkun1675 orkun1675 changed the title [Bug]: Create ITMS privacy config for Apple builds [Bug]: Create ITMS privacy manifest for Apple builds Mar 24, 2024
@LBYPatrick
Contributor

Good call! Though, I am not trying to be devil's advocate, but due to the way the IPAs are packaged and thereby obfuscated, I honestly don't think Apple will enforce this one but in practice throw submitted apps into a sandbox to see if there are any offenses. In this case, package_info_plus is indeed a usual suspect for causing privacy issues, but Apple will simply return dummy data to it for some privacy-related APIs unless some explicit Permissions/Entitlements are declared ahead of time.

I am curious about whether Apple will be able to read GeneratedPluginRegistrant.h in plain text inside a packaged application. If not, then what I said is true.

@miquelbeltran
Member

miquelbeltran commented Mar 25, 2024

Hello! We already have the privacy manifests in place and the modifications on the podspec files, have you looked at them?

Is there a way to check that those requirements come from plus plugins and not from other packages?

@miquelbeltran
Member

miquelbeltran commented Mar 25, 2024

Also this ticket duplicates #2447

But I will keep it open since the other was closed.

@miquelbeltran
Member

Let's take a look at NSPrivacyAccessedAPICategoryDiskSpace: https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278397

Looking at the codebase, I cannot find a single use of the APIs like systemSize by the plugins.

I also used this tool: https://github.com/Wooder/ios_17_required_reason_api_scanner which wasn't able to detect any usage either. I found it in this discussion here: expo/expo#27678 (comment)

@vbuberen
Collaborator

We already have privacy manifests in place since the last release of the plugins.
There is no evidence that the issues mentioned in the email are related to Plus Plugins.
I would advise the issue reporter to deal with Flutter team packages first, since currently the main source of issues with the API usage mentioned in that email is plugins like shared_preferences. Because it has had no releases for 5 months already, it rarely happens that somebody goes and does pub upgrade shared_preferences to fetch the latest iOS part of that plugin, which was released recently with a privacy manifest included: https://pub.dev/packages/shared_preferences_foundation/changelog#235
However, shared_preferences has a quite relaxed version range allowed (as of writing this message it is ^2.2.0): https://github.com/flutter/packages/blob/main/packages/shared_preferences/shared_preferences/pubspec.yaml#L32

I was also confused recently with how versions are resolved, so created this PR to make things more straightforward as new releases of touched plugins will have iOS native parts with privacy manifests included: flutter/packages#6355

With that being said I don't want us to keep this issue open to not confuse other users who might think that Plus plugins still don't have privacy manifests added.

@miquelbeltran
Member

> With that being said I don't want us to keep this issue open to not confuse other users who might think that Plus plugins still don't have privacy manifests added.

Agreed. I will close this one.

Unless someone can point out how the plus plugins are responsible for using those APIs, there is nothing else we can do.

From personal anecdote, I was using connectivity_plus, device_info_plus, package_info_plus in a project recently, together with many other packages of course, and the email from Apple only mentioned NSPrivacyAccessedAPICategorySystemBootTime, for example, and no mention of the other three privacy accessed APIs. We resolved the issue by creating our own privacy manifest in our app, even if we didn't know which package was responsible for it.

@orkun1675
Author

Thanks both, I'll report back if there is any proof that the culprit is plus plugins.
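
Added example (not part of the original thread and not code from the plus plugins or the scanner linked above): one way to approach the question raised in the thread, namely which dependency references a required-reason API category without declaring it in a PrivacyInfo.xcprivacy. The symbol list is a partial subset of Apple's documented list, the package names and files are constructed sample input, and a text match on sources is only a heuristic that cannot see binary-only frameworks.

```python
import plistlib, re, tempfile
from pathlib import Path

# Partial symbol list per category (assumption: subset of Apple's required-reason
# API documentation); extend it before relying on the result.
SYMBOLS = {
    "NSPrivacyAccessedAPICategoryDiskSpace": {"systemSize", "systemFreeSize", "statfs", "statvfs"},
    "NSPrivacyAccessedAPICategorySystemBootTime": {"systemUptime", "mach_absolute_time"},
    "NSPrivacyAccessedAPICategoryUserDefaults": {"UserDefaults", "NSUserDefaults"},
    "NSPrivacyAccessedAPICategoryFileTimestamp": {"fileModificationDate", "creationDateKey"},
}
SOURCE_EXT = {".swift", ".m", ".mm", ".h", ".c", ".cpp"}

def used_categories(pkg: Path) -> set:
    """Categories whose symbols appear as identifiers in the package's native sources."""
    found = set()
    for src in (f for f in pkg.rglob("*") if f.is_file() and f.suffix in SOURCE_EXT):
        tokens = set(re.findall(r"\w+", src.read_text(errors="ignore")))
        found |= {cat for cat, syms in SYMBOLS.items() if tokens & syms}
    return found

def declared_categories(pkg: Path) -> set:
    """Categories listed in any PrivacyInfo.xcprivacy shipped inside the package."""
    return {entry.get("NSPrivacyAccessedAPIType")
            for manifest in pkg.rglob("PrivacyInfo.xcprivacy")
            for entry in plistlib.loads(manifest.read_bytes()).get("NSPrivacyAccessedAPITypes", [])}

def audit(root: Path) -> dict:
    """Map each package directory to the categories it uses but does not declare."""
    gaps = {p.name: sorted(used_categories(p) - declared_categories(p))
            for p in sorted(root.iterdir()) if p.is_dir()}
    return {name: cats for name, cats in gaps.items() if cats}

def build_sample(root: Path) -> None:
    """Constructed input: two hypothetical plugins, only plugin_a ships a manifest."""
    for name in ("plugin_a", "plugin_b"):
        (root / name).mkdir()
    (root / "plugin_a" / "Prefs.swift").write_text("let d = UserDefaults.standard\n")
    manifest = {"NSPrivacyAccessedAPITypes": [{
        "NSPrivacyAccessedAPIType": "NSPrivacyAccessedAPICategoryUserDefaults",
        "NSPrivacyAccessedAPITypeReasons": ["CA92.1"]}]}
    (root / "plugin_a" / "PrivacyInfo.xcprivacy").write_bytes(plistlib.dumps(manifest))
    (root / "plugin_b" / "Uptime.m").write_text(
        "NSTimeInterval t = [NSProcessInfo processInfo].systemUptime;\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(Path(tmp))
        print(audit(Path(tmp)))
```

In a real project, point `audit()` at the directory holding the resolved native plugin sources (for example the CocoaPods checkout); any package it reports is a candidate for the ITMS-91053 category named in the email.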
