feat: Add required Privacy Manifest file for iOS

[davidkroeg]

Feature Request

Description

Starting with Spring 2024 Apple requires third-party SDKs to add a Privacy Manifest file (similar to the privacy nutrition labels in the store). Apple specifically lists Capacitor as one of the SDKs that must include this manifest otherwise any App that includes it is not allowed to release an update (or new app) to the store.

https://developer.apple.com/support/third-party-SDK-requirements/

Platform(s)

iOS

Preferred Solution

Alternatives

None

Additional Context

• https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_data_use_in_privacy_manifests
• https://developer.apple.com/videos/play/wwdc2023/10060/

[JLLA113]

Is someone tracking this?

Also, Apple requires that SDKs need to be signed by the developer.

Thanks

[markemer]

We are indeed planning to add a privacy manifest to supported frameworks, signing will only be needed for binary frameworks we ship. Source frameworks will just need the manifest.

[edshkliaruk]

@markemer Hello, which frameworks specifically do you plan to add the privacy manifest to?

[ph1ps]

The deadlines for this have been published: https://developer.apple.com/news/?id=3d8a9yyh

This issue has been opened two months ago, can somebody please take a look?

[kensodemann]

If you have not already, please upvote (👍) the first post in the issue. The team uses that for ranking issues.

They also already know this is important, of course, but upvoting issues you care about always helps. Thx!!

[SpenserJ]

I'll second Usman's comment about wondering when this will be rolled out. I'm not sure why his comment was marked as abuse, but knowing when this will be released (and whether it will be available for 5.x or is being held for 6.x is going to be extremely important for many teams.

Apple's announcement says that they'll begin notifying apps tomorrow (March 13th) that they need to update, and enforcing it in 1.5 months (April 1). If Ionic's plan is to include this in the 6.0.0 (supposed to be released as Stable in February) but not in the 5.x branch, that has a significant impact on teams building Capacitor apps, since we don't know when 6.0.0 will be released or what the migration strategy will be.

Can you please share some information on whether this will be in 5.x or just in 6.0.0, and if the plan is to only include it in 6.0.0 can you please share when that will be available?

[sasos90]

Should we wait for the capacitor hotfix, or is it prefered to do this manually by developers?

[jcesarmobile]

there were Capacitor 4.x, 5.x and 6.x releases last week including this change

[sasos90]

For 5.x is it 5.7.4 perhaps?
I am getting some DiskSpace type warning from appstore, and I don't think this is included is it?

[ezequielfalcon]

I am getting also new warnings from AppStore:

The types are:

• FileTimestamp
• SystemBootTime
• UserDefaults
• DiskSpace

These are features we don't and the only community library we use (barcode-scanner) doesn't seem to use any of this APIs

[sasos90]

So I tried ios platform version 5.7.4 and it didn't fix the issue. Do we have to put this in manually?

[carolinasofiab]

First I want to say: thanks for your work and time!
I noticed, checking out the committed changes, that there are some crucial bits missing. It includes NSPrivacyAccessedAPITypes, but the specific NSPrivacyAccessedAPIType and NSPrivacyAccessedAPITypeReasons are not declared. For example, The type is NSPrivacyAccessedAPICategoryUserDefaults and the reason could be User Defaults - CA92.1: Access info from same app, per documentation. Here is a link to the description where Apple states that "apps that don’t describe their use of required reason API in their privacy manifest file aren’t accepted by App Store Connect."
https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278393.

[dallastjames]

I am getting also new warnings from AppStore:

The types are:

• FileTimestamp
• SystemBootTime
• UserDefaults
• DiskSpace

These are features we don't and the only community library we use (barcode-scanner) doesn't seem to use any of this APIs

These are probably because you're using some combination of the @capcaitor/device, @capacitor/preferences and @capacitor/filesystem plugins. They have methods that use these privacy APIs. We'll be figuring out how to best address plugins like this for a future Capacitor update to hopefully avoid , but for now, you'll need to add the reason codes to your privacy manifest if you're using these plugins. We've got a PR to land soon that will add codes to our docs with "default suggestions" that you can use.

We also just landed a new docs page around creating this privacy manifest file using either the VS Code extension or manually that may be helpful.

[dallastjames]

First I want to say: thanks for your work and time! I noticed, checking out the committed changes, that there are some crucial bits missing. It includes NSPrivacyAccessedAPITypes, but the specific NSPrivacyAccessedAPIType and NSPrivacyAccessedAPITypeReasons are not declared. For example, The type is NSPrivacyAccessedAPICategoryUserDefaults and the reason could be User Defaults - CA92.1: Access info from same app, per documentation. Here is a link to the description where Apple states that "apps that don’t describe their use of required reason API in their privacy manifest file aren’t accepted by App Store Connect." https://developer.apple.com/documentation/bundleresources/privacy_manifest_files/describing_use_of_required_reason_api#4278393.

Capacitor 6 (what's currently on main) removed the use of UserPreferences, so it by itself shouldn't need to declare any restricted APIs, only plugins added may require this. The default manifest for Capacitor 4 and 5 though should have UserPreferences with the appropriate code declared.

[crasowas]

I am getting also new warnings from AppStore:

The types are:

• FileTimestamp
• SystemBootTime
• UserDefaults
• DiskSpace

These are features we don't and the only community library we use (barcode-scanner) doesn't seem to use any of this APIs

You can try using this script to analyze the usage of APIs: App Store Privacy Manifest Analyzer.

[bryantbrock]

Anybody else having a problem getting rejected after defining their PrivacyInfo.xcprivacy file and submitting?

I was emailed noting that NSPrivacyAccessedAPICategoryDiskSpace and NSPrivacyAccessedAPICategoryUserDefaults needed reasons, so I followed the steps in the capacitor docs. Resubmitted, but got an email with the same errors.